A recent study of 162 U.S. colleges and universities conducted by HALOCK Security Labs found that 50 percent allow for the transmission of sensitive information via unencrypted e-mail, and 25 percent advise applicants to submit personal information, including W-2s, via unencrypted e-mail (h/t Network World).
The study included Big 10, Big 8, Ivy League, community colleges and technical institutes in California, Colorado, Connecticut, Florida, Idaho, Illinois, Iowa, Indiana, Kansas, Louisiana, Massachusetts, Michigan, Minnesota, Mississippi, New Jersey, New York, North Carolina, Ohio, Pennsylvania, Texas, West Virginia and Wisconsin.
"When universities utilize unencrypted e-mail as a method for submitting W-2s and other sensitive documents, the information and attachments are transmitted as clear text over the Internet," HALOCK Security Labs partner Terry Kurzynski said in a statement. "This format is susceptible to hackers and criminals who can use this private information for identity theft."
"These are foreseeable risks that are extremely treatable," Kurzynski added. "Breaches resulting from this type of transmission will capture the attention of the states' attorneys general and the Federal Trade Commission."