Establishing Digital Trust: Don't Sacrifice Security for Convenience
Virginia Tech recently announced that a server in its human resources department was hacked on August 28, 2013, exposing the personal information of 144,963 people who had applied for jobs at the university between 2003 and 2013 (h/t Softpedia).
Without elaborating, university spokesman Larry Hincker told the Roanoke Times that the breach did not result from a security failure on the university's part. "We have protections and protocols in place. ... They were not followed," he said. "It was human error."
While only information from job applications was exposed (no credit card information or Social Security numbers), the university notes that the online application asks applicants to "indicate your professional licenses, certificates, or other authorizations to practice a trade or profession."
In response to that question, 16,642 unfortunate applicants had provided their driver's license numbers. All of those individuals have been contacted to inform them of the breach.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
The other 128,321 had only provided basic employment application information (name, address, employment history, education history, prior convictions).
"Virginia Tech deeply regrets that this occurred and is taking appropriate steps to address and correct the situation to prevent it from happening again," Hal Irvin, associate vice president for human resources, said in a statement.