.

Personal Info of 235,000 Compromised at WCSU

A computer security problem at Western Connecticut State University exposed the records of about 235,000 people collected by the university over 13 years.


Western Connecticut State University is notifying 235,000 people their records, including social security numbers and other personal information, were insecure on its computers for three years and four months. WCSU said it has found no evidence that records were inappropriately accessed.

 The affected group includes students, their families and those who had other associations with the university, as well as high school students whose SAT scores were purchased in lists, a common practice in higher education.

The vulnerability existed from April 2009 to September 2012 and potentially exposed information, including Social Security numbers, of about 235,000 people whose records were collected by the university over a 13-year period.

Although WCSU has found no evidence that records were inappropriately accessed, to protect those potentially affected, Western is offering up to two years of ID theft protection at no cost through a company named AllClear ID.

 Everyone in the affected groups will receive a letter explaining the protection being offered and the steps they may take to access AllClear ID services.

Since discovery of the exposure, the university has dramatically increased its information protection capacity with new layers of protection. The university will continue to assess and improve all aspects of its information security.

Dr. Robin Appleby November 30, 2012 at 12:34 PM
I know that I and my family will pay a price, probably huge, for speaking out as I do and criticising the government overreach and abuse I hope that when that day arrives, that Ken, Kevin and Wondering (also Ben, Howard and Andrew)....even though we differ on solutions to the problems of the day......will stand with me....as I would with you.
Kevin O'Connor November 30, 2012 at 05:20 PM
Woooo. Settle down now. I'm actually very much on the side of not big government... Granted I did mention the government specifically but really I meant that there needs to be one central data store, government-owned or not. I was also pointing out the the government standard for encryption have not been broken. Also, my post wasn't in support of Obamacare, I'm not sure if that bridge was assumed. But you bring up a fair point, why would I trust the federal government with my medical records whom have a record of data leaks? Let's take a step back here and I'll state my clear point of view on the subject: There needs to be a central authority or authoritative hierarchy charged with the task of storing and transmitting cryptographically secure digital medical records. There are ways to do this that I would support, even if the government was that central authority. There are protocols that can do 3-way handshake and authentication and authorization where the third party can read none of the actual secure information. The point of the central authority would be to say the two other people are who they say they are and to make sure none of the data gets changed maliciously. This method I would support, even if it's run by the government. My criteria is that the protocol used it published. I do apologize that my post seemed in support of big government, I'm not, I'm in support of digital medical records. Like I said, it can be done securely, government or not.
sock puppet November 30, 2012 at 07:12 PM
First they came for lunatics, and i said nothing because I am no lunatic Then they came for the wingnuts, and I said nothing, because I am no wingnut Then they came for the idiots, and I did nothing, because I am no idiot Then they came for the Applebys, and I kept silent, because I do not like fast food And when they came for me, there were plenty of people left, and we had a party
Steven DeVaux December 02, 2012 at 01:31 PM
Hahahahahahahahahahahahahahaha - good luck. You'll get a letter back from their lead attorney. They respond one step worst that Brookfield does on FOI's.
Steven DeVaux December 02, 2012 at 01:34 PM
The number of people who didn't read 1984, or read it and didn't understand it's meaning is really showing. Since Andrew doesn't have a job, and plenty of years to read, I wonder if he did.

Boards

More »
Got a question? Something on your mind? Talk to your community, directly.
Note Article
Just a short thought to get the word out quickly about anything in your neighborhood.
Share something with your neighbors.What's on your mind?What's on your mind?Make an announcement, speak your mind, or sell somethingPost something
See more »