This time, at Stanford University
Last modified on Tuesday, 10 June 2008 15:26
Yet another theft has occurred which has made the private information of up to 72,000 Stanford University faculty members, staff and students subject to potential identity theft. A community laptop containing the names, addresses, Social Security numbers, birth dates, University ID and employee staff numbers, as well as their salary history, was stolen recently.
While the theft may have been random, Stanford has issued an alert, warning that the data on the laptop was not encrypted. Given the recent history of technology equipment thefts and the huge database of information on this laptop, it is difficult to comprehend why Stanford did not take a simple and routine security measure by encrypting the data on this laptop.
As usual, the University attempted to discourage and downplay concerns that whoever has the laptop does not know that the data is there or even what to do with the information. While we keep hearing this excuse from the institutions that have lost users’ data, we have to wonder just how dumb they think all criminals are. It doesn’t take a rocket scientist to recognize names, addresses, Social Security Numbers and birth dates as being valuable information that somebody might pay a lot of money for.
Unfortunately, the list of recent data compromises keeps growing, with two additional incidents confirmed last week. A laptop containing salary data on management staffers at AT&T Inc. was stolen, while a laptop belonging to the New Mexico Department of Workplace Solutions was also stolen. Neither laptop had encrypted the data on it.