UCLA data breach affects 800,000

[David Farber <dave () farber net>]

Begin forwarded message:

From: peterb () cequs com
Date: December 14, 2006 8:47:38 AM JST
To: dave () farber net
Subject: RE: [IP] UCLA data breach affects 800,000

Dave,

They can keep SSNs and encrypt them, and use a unique id instead. Most
colleges have gotten rid of SSNs as much as possible for this reason.  
Many
people are working on "user centric" solutions which would supply  
this information
from the user, on an event based, need to know basis, rather than  
some legacy database.

The problem is not unique to UCLA.

Peter Bachman
Cequs Inc.




-------- Original Message --------
Subject: [IP] UCLA data breach affects 800,000
From: David Farber <dave () farber net>
Date: Wed, December 13, 2006 6:38 pm
To: ip () v2 listbox com

Begin forwarded message:

From: Richard Wiggins <richard.wiggins () gmail com>
Date: December 14, 2006 12:18:29 AM JST
To: Dave Farber <dave () farber net>
Subject: UCLA data breach affects 800,000

Dave,

For IP if you wish:

The UCLA data breach affects 800,000 people.  This raises an important
question about retention of private data.  UCLA has about 35,000
students so let's say a campus community of 50,000.  To get to
800,000, UCLA must be retaining private information on former
students, applicants, and employees going back decades!

Universities have no choice but to gather SSNs, for payroll purposes,
federal financial aid requirements, etc. &nb

-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/