Interesting People mailing list archives
more on UCLA data breach affects 800,000
From: David Farber <dave () farber net>
Date: Thu, 14 Dec 2006 11:04:05 +0900
But not to be excused djf Begin forwarded message: From: Lauren Weinstein <lauren () vortex com> Date: December 14, 2006 10:09:42 AM JST To: dave () farber net Cc: lauren () vortex com Subject: Re: [IP] UCLA data breach affects 800,000 Dave, It's worth noting that as egregious as these cases are -- and my public stance in favor of mandated data destruction policies is well known -- it's worth remembering that these mass data breaches are not a primary vector for identity fraud. In fact, by far most identity fraud reportedly is the result of actions by "friends," or relatives who know the targets personally, or by local culprits who can get physical access to the targets' bills or other mail -- much more effective for these kinds of frauds. Just something to think about. --Lauren-- Lauren Weinstein lauren () vortex com or lauren () pfir org Tel: +1 (818) 225-2800 http://www.pfir.org/lauren Co-Founder, PFIR - People For Internet Responsibility - http://www.pfir.org Co-Founder, IOIC - International Open Internet Coalition - http://www.ioic.net Founder, CIFIP - California Initiative For Internet Privacy - http://www.cifip.org Moderator, PRIVACY Forum - http://www.vortex.com Member, ACM Committee on Computers and Public Policy Lauren's Blog: http://lauren.vortex.com DayThink: http://daythink.vortex.com - - -
Begin forwarded message: From: peterb () cequs com Date: December 14, 2006 8:47:38 AM JST To: dave () farber net Subject: RE: [IP] UCLA data breach affects 800,000 Dave, They can keep SSNs and encrypt them, and use a unique id instead. Most colleges have gotten rid of SSNs as much as possible for this reason. Many people are working on "user centric" solutions which would supply this information from the user, on an event based, need to know basis, rather than some legacy database. The problem is not unique to UCLA. Peter Bachman Cequs Inc. -------- Original Message -------- Subject: [IP] UCLA data breach affects 800,000 From: David Farber <dave () farber net> Date: Wed, December 13, 2006 6:38 pm To: ip () v2 listbox com Begin forwarded message: From: Richard Wiggins <richard.wiggins () gmail com> Date: December 14, 2006 12:18:29 AM JST To: Dave Farber <dave () farber net> Subject: UCLA data breach affects 800,000 Dave, For IP if you wish: The UCLA data breach affects 800,000 people. This raises an important question about retention of private data. UCLA has about 35,000 students so let's say a campus community of 50,000. To get to 800,000, UCLA must be retaining private information on former students, applicants, and employees going back decades! Universities have no choice but to gather SSNs, for payroll purposes, federal financial aid requirements, etc. &nb ------------------------------------- You are subscribed as lauren () pfir org To manage your subscription, go to http://v2.listbox.com/member/?listname=ipArchives at: http://www.interesting-people.org/archives/interesting- people/
------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- more on UCLA data breach affects 800,000 David Farber (Dec 13)