Via Kristv.com (Local) -
CORPUS CHRISTI - The personal information of thousands of students at Texas A&M Corpus Christi was recently lost in a foreign country. A professor vacationing off the coast of Africa took the data with him on a small computer storage device.
That device is missing, and Friday night, university officials are conceding that the personal information of just about every student on campus in 2006 is out there somewhere.
Dr. Blair Sterba-Boatwright is the chairman of the math department at the university. He is an active traveler and outdoor photographer. His most recent trip was to Madagascar off the coast of Africa.
University officials said he took with him a flash drive, containing the personal data of some 8,000 students to do some work while on vacation, but this week, the school is telling students that the flash drive was lost in Madascar, and officials said the device, "may have contained files with personally identifiable student information, including social security numbers."
It has some students concerned about what would happen if that information fell into the wrong hands.
"You might end up getting some letters in the mail saying you might have bills or something else that you don't even know of," Johnathon Sanchez said.
Some were unaware of the lost information, but planned to keep an eye on their credit and pay attention for any updates from school officials, who don't believe students are at any significant risk for identity theft, but can't yet confirm that for sure.
It wasn't against the rules for the professor to take the student files with him. However, it's still possible the university could take action against him.
School officials are still trying to pinpoint exactly what information was on the device. But again, at this point, they believe it included the social security numbers and dates of birth for students enrolled in the spring, summer and fall semesters of 2006.
Those students will be receiving letters from the university, explaining the situation.
----------------------------------
Encrypted USBs anyone?
Also, it sounds like TAMUCC needs a little tweak in their security policy. It wasn't against the rules for him to leave the country with personal data of almost every student on a USB.....not to mention to another country.
I mean, stuff happen...things will get lost...that is a given. But the security policy of TAMUCC clearly is lacking in the "information classification category".
I would put more blame on the school than the teacher. Is the school still using SSN to ID students? If not, then why does the teacher even have SSN numbers? HIPAA anyone?
The use of SSN according the HIPAA is still an open subject, it is clear that schools are being pushed to use something other than SSN for Student ID.
No comments:
Post a Comment