August could be a bad month for data security in higher education


Universities recently reported a deluge of cyber attacks from China.

The return of college students to campuses next month could mark a data-stealing bonanza for hackers as unprotected personal information moves back and forth between institutions and their students.

More than half of colleges and universities transmit various kinds of sensitive information – including financial details – over unencrypted channels, according to a survey conducted by HALOCK Security Labs, a security firm based in Illinois.

One-fourth of the 162 institutions included in HALOCK’s survey said they advised students and parents to send personal information – including W2 documents – via eMail.

The questionable data security practices of so many colleges and universities could prove particularly problematic in the weeks before fall 2013 courses begin, as students and parents submit sensitive information for a variety of reasons, including to secure financial aid before the semester kicks off.

“When universities utilize unencrypted email as a method for submitting W2s and other sensitive documents, the information and attachments are transmitted as cleartext over the internet,” said Terry Kurzynski, partner at HALOCK Security Labs. “This format is susceptible to hackers and criminals who can use this private information for identity theft.”

Kurzynski suggested that beyond simple negligence, risky data transmissions from colleges and universities could draw the interested of government officials and agencies.

“These are foreseeable risks that are extremely treatable,” he said. “Breaches resulting from this type of transmission will capture the attention of the states’ attorneys general and the Federal Trade Commission.”

See the next page for a list of reasons for data breaches in higher education…

The HALOCK survey comes just weeks after it was revealed that universities have faced a deluge of cyber attacks from various Chinese IP addresses, with some schools like the University of Wisconsin reporting 100,000 cyber attacks from China every day.

The HALOCK report suggests that higher education’s open culture has contributed to the risky information transactions, along with budget issues that leave some IT departments without resources to properly protect vital student information and campus higher-ups who don’t fully grasp the dangers of sending information over unencrypted connections.

Schools included in HALOCK’s data security survey ranged from community colleges to research universities to technical schools.

Sign up for our newsletter

Newsletter: Innovations in K12 Education
By submitting your information, you agree to our Terms & Conditions and Privacy Policy.

Oops! We could not locate your form.

Sign up for our newsletter

Newsletter: Innovations in K12 Education
By submitting your information, you agree to our Terms & Conditions and Privacy Policy.