Data Security Breach at Penn State University

Owing to the data security breaches at Penn State University in recent weeks, around 25,572 Social Security numbers stored on computers exposed, said the University on June 2, 2010.

Geoff Rushton, the University spokesman, said that Penn State had no evidence to prove that any unauthorized person got an access to the number which seemed belong to alumini, as reported by statecollege on June 2, 2010. He said that the breach took place after the spreading of infection on two computers - one located at the University libraries and the other Outreach Market Research and Data office.

The hacked system maintained database of social security numbers till 2005. In the same year (2005), the University seized to collect the social security numbers, but a copy remained on the system. The University officials were unaware of this fact.

Following the revelation of the breach, the University released an alert - 'Although the data theft is unlikely to take place, the University officials alert everyone who might have been affected. The University in advance inform the concerned people so that they can take necessary steps to mitigate the risk,' according the statement given by Sarah Morrow (Chief Privacy Officer for the University, as reported by Penn State Live on June 2, 2010.

Letters have been dispatched since June 2, 2010 to the affected people. The letter contains a brochure giving detail about the prevention of identity theft. The information was collected from the Federal Trade Commission (FTC) and the Pennsylvania Attorney General's websites. The University sent response according to the Pennsylvania Breach of Personal Information Notification Act came into effect in 2006. The Act mandates that the University should inform to the concerned persons whose personal information has been potentially revealed on account of losing computer.

Besides, the University has also posted information regarding security tips on a particular website.

Meanwhile, this is not the first occasion when Penn State has become the target of hackers. Similar kinds of botnet attacks had been discovered in the early 2010 wherein the personal information of over 5,000 people might have been stolen. Prior to this, Penn State had announced on March 23, 2009 that 10,868 Social Security numbers might have been stolen from Penn State Erie.

Related article: Data Theft Incidents Influence Consumers Adversely

» SPAMfighter News - 6/11/2010