Interesting People mailing list archives
UCLA data breach affects 800,000
From: David Farber <dave () farber net>
Date: Thu, 14 Dec 2006 08:38:27 +0900
Begin forwarded message: From: Richard Wiggins <richard.wiggins () gmail com> Date: December 14, 2006 12:18:29 AM JST To: Dave Farber <dave () farber net> Subject: UCLA data breach affects 800,000 Dave, For IP if you wish: The UCLA data breach affects 800,000 people. This raises an important question about retention of private data. UCLA has about 35,000 students so let's say a campus community of 50,000. To get to 800,000, UCLA must be retaining private information on former students, applicants, and employees going back decades! Universities have no choice but to gather SSNs, for payroll purposes, federal financial aid requirements, etc. The question is: why do they need to retain the information indefinitely? The answer is because it's much more work to expunge confidential information when no longer needed than it is to just keep it in the database. People need to start demanding that institutions do this hard work. What right does UCLA have to retain the SSN of a student from 1965? When student records were kept in paper files under loclk and key, risk of massive exposure was small. When an institution takes years of backfiles and puts them online, everyone faces risk. Why are student records from decades ago even in an online database connected to the Internet 24 X 7? /rich ------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- UCLA data breach affects 800,000 David Farber (Dec 13)
- <Possible follow-ups>
- UCLA data breach affects 800,000 David Farber (Dec 13)