BreachExchange mailing list archives
Laptop theft compromises information of 8300 campus community members
From: Erica Absetz <eabsetz () opensecurityfoundation org>
Date: Tue, 11 Dec 2012 10:42:01 -0500
http://www.pepperdine-graphic.com/headline/laptop-theft-compromises-information-of-8300-campus-community-members/ President Andrew K. Benton sent an email today informing the university community that a laptop computer belonging to an authorized university employee was stolen from that individual’s car. This laptop had been used extensively in work related to the IRS, “and it contained data dating back to 2008 involving as many as 8300 Pepperdine campus community members.” Approximately 75 percent of these names belong to students. The theft was reported to local law enforcement, and Pepperdine immediately launched its own investigation into the matter. While it is possible that the thief was solely looking for the laptop, “we must prepare for the worst case scenario,” Benton wrote. Pepperdine’s Chief Information Officer, Jonathan See, will send out a more specific advisory within the next few days. The laptop was not encrypted, according to Benton, and confidential information stored on an unencrypted computer is subject to a confidential information breach. The university is committed to protecting the information of all community members and assures members that this will not happen again. In response to the potential loss of confidential institutional data, Benton wrote that the university realizes that it needs to review its policies related to technology, data storage and the reality of increasingly sophisticated crime. Pepperdine officials have identified all names that may be exposed, and have created a tailored program to respond to this security breach. The university has contacted identify theft experts to respond as quickly and as accurately as possible. Very soon information will be directed to each one of the 8300 individuals whose security has been compromised. Benton wrote on Dec. 7: “I am writing merely to say that I am sorry this happened. I am also sobered by the reality of losses like this that are certainly not inevitable, but are not uncommon. The most important thing we can do right now is to communicate what we know, and also to give timely and thorough information to those individuals who have been impacted. “We will learn something from this loss, and we will support those who experience any impact from it.” _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges. Tenable Network Security (http://www.tenable.com/) Tenable Network Security provides a suite of solutions which unify real-time vulnerability, event and compliance monitoring into a single, role-based, interface for administrators, auditors and risk managers to evaluate, communicate and report needed information for effective decision making and systems management.
Current thread:
- Laptop theft compromises information of 8300 campus community members Erica Absetz (Dec 11)