OSU averaging 10 data breaches a year

[Christine Fulgham <christine () opensecurityfoundation org>]

http://first-make-money.com/osu-averaging-10-data-breaches-a-year-forex.html


with six data breaches in the past year, Ohio State officials are urging
students and faculty to help keep private information safe.

“Ohio State has been tracking [breaches] for the past three years,” said
Charles Morrow-Jones, director of IT Security.

“We’ve been averaging about 10 per year and virtually all of them involve
Social Security numbers.”

of the six recently reported breaches, two were dismissed and four were
classified as “minor.”

“I think every single one of [the minor cases] was somebody disposing of an
old computer to surplus and they didn’t cleanse all of the information off
their computers,” said Catherine Bindewald, director of communications for
the Office of the Chief Information Officer. “So they found that the
information was made public.”

Data can also leak when faculty members keep old student rosters on their
computers, Morrow-Jones said.

old student lists sometimes include Social Security numbers because, until
recent years, the university used the numbers to identify students.

“The main reason that we have data exposures is that an awful lot of Social
Security numbers are floating around out there,” Morrow-Jones said.

now that OSU assigns identification numbers to students, he said, the number
of breaches will decrease.

[...]

_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Learn encryption strategies that manage risk and shore up compliance.
Download Article 1 of CREDANT Technologies' The Essentials Series:
Endpoint Data Encryption That Actually Works
http://credant.com/campaigns/realtime2/gap-LP1/