Perhaps every month, not just January, should be Data Privacy Month in higher education.
Massive data losses have come at a furious pace in colleges and universities over the past year, with news of massive data breaches sometimes greeted with public ambivalence rarely seen even a few years ago.
It’s sometimes difficult to keep track of notable data losses on campuses of every size. It should be noted, however, that 2006 was the high water mark for campus-based data breaches. More than 2 million campus records were illegally accessed that year, according to the Privacy Rights Clearinghouse.
“Not having one body that really is aware of all the security aspects of a college is a disadvantage for [higher education],” said Alex Rothacker, director of research for Application Security. “All [departments] aren’t complying with one set of policies that have been laid out.”
Here’s a rundown of some of the worst data breaches in higher education over the past year, some of which were so massive that the exact number of people affected by the breaches remains unknown.
1) University of Southern California (USC) on June 29, 2012: Third-party university software designed to process credit card transactions across campus was illegally accessed, though names of credit card owners were not associated with the card numbers that were hacked. The precise number of credit card numbers involved remains unknown.
2) Kirkwood Community College on March 13, 2013: The Social Security Numbers of more than 125,000 applicants over an eight-year span were exposed in this massive hack of the community college’s website. The archived information did not include financial details from the applicants, however.