The theft of a laptop computer--which, as far as I can tell, was not protected with disk encryption--has triggered a data breach at the University of Connecticut West Hartford campus. Over 10,000 university applicants are affected.
Applicants from 2004 through July 30, 2010 (10,174 in all) are affected by this breach. It happened on August 3rd when a laptop was found missing from its regular storage place, a cabinet at the West Hartford campus IT department. Personal data breached includes contact information and SSNs, which are still de rigueur when applying to become a student. Like I observed before, the use of encryption software was not mentioned. However, seeing how it's widely reported that "no one has tried so far to get into the university's computer systems with the laptop," it can be concluded that full disk encryption was not used--otherwise there'd be no reason to even check that particular possibility, since encryption nearly renders impossible the access to the computer. Of course, that's not to say that file encryption couldn't have been used, where individual files--as opposed to the entire computer--are protected. The Attorney General is investigating this one, as well as the Yale situation from yesterday. One busy man, that state AG. Of course, the circumstances don't exactly let him relax, either.
Applicants from 2004 through July 30, 2010 (10,174 in all) are affected by this breach. It happened on August 3rd when a laptop was found missing from its regular storage place, a cabinet at the West Hartford campus IT department.
Personal data breached includes contact information and SSNs, which are still de rigueur when applying to become a student.
Like I observed before, the use of encryption software was not mentioned. However, seeing how it's widely reported that "no one has tried so far to get into the university's computer systems with the laptop," it can be concluded that full disk encryption was not used--otherwise there'd be no reason to even check that particular possibility, since encryption nearly renders impossible the access to the computer.
Of course, that's not to say that file encryption couldn't have been used, where individual files--as opposed to the entire computer--are protected.
The Attorney General is investigating this one, as well as the Yale situation from yesterday. One busy man, that state AG. Of course, the circumstances don't exactly let him relax, either.
Related Articles and Sites:http://today.uconn.edu/?p=19485&utm_campaign=Tiers&utm_source=Tier2&utm_medium=Frontpagehttp://ctwatchdog.com/2010/08/19/uconn-security-breach-impacts-more-than-10000http://www.wtnh.com/dpp/news/education/storrs-laptop-stolen-from-uconn-admissions