Securing Students’ Data Top Tech Issue
By Marisol Bello
A computer break-in at Harvard University highlights the growing challenges the nation’s colleges and universities face in trying to safeguard students’ private information.
Security/privacy is the No. 1 technology concern for schools, according to an annual survey of 535 colleges and universities by Educause, which will publish the results in May. The organization, based in Washington, D.C., works with universities on a range of information technology issues, including securing their systems.
“Data security incidents have been epidemic in the last two to three years and not just at colleges and universities,” says Rodney Petersen, Educause’s security task force coordinator, who works with schools to secure their databases. “It’s a significant problem and source of concern.”
The most recent college breach occurred at the Harvard Graduate School of Arts and Sciences in February, when a hacker broke into a Web server that contained personal information on 10,000 grad-school applicants. The information ranged from Social Security numbers and addresses to food allergies and housing preferences.
The server contained data on students who applied to the graduate school for the 2007 school year and graduate housing applicants for 2006 and 2007. There was no financial information.
The university has found no evidence that the data have been used in identity theft, says Daniel Moriarty, Harvard’s chief information officer.
“The reason we moved to notify individuals was as a precaution” because the school does not know the extent of the breach, he says.
University officials took down the site Feb. 17 after they learned that 19 student housing records had shown up on a website called Pirate’s Bay, where hackers show off their work. Since then, the school has sent letters to all students whose records were on the server and has offered to pay for credit-protection services.
In 2007, there were 139 reported information security incidents at colleges around the world, a 68% increase from the previous year, according to a report by Educational Security Incidents, which tracks information security breaches in higher education.
Incidents range from stolen laptops containing student and employee data to breaches of the schools’ network systems. The most common data pilfered are names, addresses, ages and Social Security numbers, the report says. (c) Copyright 2008 USA TODAY, a division of Gannett Co. Inc.