When you think about security breaches, you generally don’t connect them with academic institutions. Instead, you may be worried about the safety of your bank and tax records. After all, why would anyone want to steal personal information from students? But a lot of damage can be done when hackers get access to personal information. This article covers the biggest security breaches that have befallen academic institutions in recent years and what can be done to keep information safer in the future.
Hackers Get into UC Berkeley Computers
In 2009, hackers were able to infiltrate the restricted computer database belonging to the University of California, Berkeley. The breach may have affected up to 160,000 students, alumni, and others, and the breach compromised information all the way back to 1999.
The breached data included sensitive information, such as social security numbers, health insurance information, birth dates, and even some medical records. The database didn’t just collect information on students and alumni but also information about parents, spouses, and Mill’s college students who were eligible for Berkeley’s health services during that time period.
An internet security firm was able to trace the breach back to hackers’ computers in overseas locations, including China. All of the affected students were notified of the breach. On the bright side, none of the notified students had reported identity theft after the breach was discovered.
Thieves Steal Stanford University’s Laptop with Employee Data
In 2008, tens of thousands of past and current Stanford University employees had their personal information compromised. Stolen information included dates of birth, addresses, and social security numbers.
How did this happen? The employee data was stored on a stolen Stanford University laptop. There is no information about how the theft happened, but one can easily imagine how a thief could easily walk away with a laptop. But the question remains: why would the university store such sensitive information on a laptop that’s not adequately secured?
To deal with the security breach, the University of Stanford offered extensive credit monitoring for anyone potentially affected by the incident.
Data Breach Exposed Indiana University Students’ Personal Information
As recent as February of 2014, about 146,000 students at Indiana University may have had their personal information compromised. Shockingly, the students’ information was stored for nearly a year on a site unprotected by security authentication.
Students who attended campus between 2011 and 2014 were affected. The information that was stored on that site included names, addresses, and social security numbers. On the bright side, there is no proof that any of the information was viewed or used for inappropriate or illegal purposes. However, the university was able to determine that 3 separate web crawlers had accessed and downloaded the data files.
What Can Be Done After a Security Breach?
There is not much an organization can do after a security breach has been confirmed, except offer extensive credit monitoring to the potential victims. In the case above, Indiana University also notified the credit reporting agencies about the breach, which should safeguard the affected people from identity theft.
How Can Organizations Prevent Security Breaches?
It’s much easier to prevent a security breach than to try to fix things after the fact. Of course, it’s easier to talk about security with the advantage of hindsight. Now that academic institutions have repeatedly been the target of hackers and thieves, academic institutions are taking data security more seriously.
Protecting Physical Information
With Stanford University’s example in mind, it becomes obvious that your physical property must be protected. It’s not enough to store data on computers that can’t be accessed without a password if it’s easy to steal that desktop or laptop.
Safeguarding Electronic Data
Berkeley’s and Indiana University’s information was compromised without anyone entering the premises of the schools. It’s obviously in an organization’s best interest to take the necessary steps to safeguard electronically stored data. Again, password protection is usually not enough. In order to prevent the unauthorized access of files, all of your information must be encrypted.
eFileCabinet Takes Security Seriously
When it comes to cyber security, eFileCabinet takes its job seriously. We know that the security of your files is your biggest concern when it comes to electronic document storage. And while we safely encrypt all of your files to prevent data loss, we also know that it’s important to keep your documents accessible to you. eFileCabinet offers role-based user access to control who has access to sensitive documents.
To learn more about eFileCabinet’s solution to document management, fill out the form on this page for your free 15-minute demo. If you have any questions about the security of your documents, we invite you to give us a call or chat with us.