Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Universities riskiest place for SSN

From: Mike Lococo <mike.lococo () NYU EDU>
Date: Mon, 8 Nov 2010 15:23:29 -0500
On 11/08/2010 02:32 PM, Eric Case wrote:

The original post,
http://blogs.mcafee.com/consumer/identity-theft/top-ten-most-dangerous-place
s-to-leave-your-social-security-number, says, "Robert Siciliano, on behalf
of McAfee,  analyzed data breaches published by the Identity Theft Resource
Center, Privacy Rights Clearinghouse and the Open Security Foundation that
involved Social Security number breaches from January 2009 - October 2010 to
reveal the riskiest places to lose your ID."

It is unclear if they ranked by number of records/breach or number of
breaches.


My read is that the number in parens at the end of each top-10 entry is
a breach-count (it's certainly not a record-count), which is used as the
ranking/sorting key.  Since the data is from a report covering
2009-2010, it's fairly recent.

If one is looking for a methodology flaw that excuses Higher-Ed's
number-one spot on the list, it's probably the failure to account for
our culture of openness.  You don't see other industries announcing a
breach and then saying "there was no evidence of unauthorized access,
but we're calling this a breach and announcing it anyway", which is
fairly common from higher-ed institutions.  We might get dwarfed on
record count as-well, but that you can't see that data without buying
the original report.

Cheers,
Mike Lococo
Previous By Date Next
Previous By Thread Next

Current thread: