College students are especially vulnerable to identity theft, and just in time for Fall Semester there’s been another data breach involving students’ personal information to prove it.
Usually, when a house is robbed, the problem and headache is limited to the home’s residents. But when the home of a University of Colorado at Colorado Springs professor was broken into July 5, more than 750 current and former students were placed at risk of becoming identity theft victims.
The professor laptop was stolen during the break-in, and on it he stored unencrypted lists of the 766 students who attended his classes from 2003 to 2009.
In most cases, the stored information was limited to students’ names, student ID numbers, email addresses, graduation year and grades, but 241 students weren’t so lucky: The university used students’ Social Security numbers as student ID numbers until Summer Semester, 2005.
The university began sending letters to the affected students last Monday. A reporter for KKTV, a local television channel, asked a university official why it took three weeks to notify students of the data breach. The university official said it simply took that long for them to figure out exactly what was on the laptop and who was involved.
Although the information on the stolen laptop wasn’t encrypted, the university’s notification letter states they “will continue working with all departments to encrypt all personally identifiable data on laptop computers and portable devices to help prevent this situation from occurring in the future.”
There has been no mention as to whether the information was password protected.