Modernizing Authentication — What It Takes to Transform Secure Access
Date: 12/14/2017 @ 1 p.m. ET
Officials at the University of Connecticut's West Hartford campus this week are busy notifying thousands of applicants that that their names, Social Security numbers and other personal information were exposed after a laptop containing the data was stolen from a storage cabinet.
UConn officials said that the information included undergraduate admissions-related data from 10,174 would-be students who applied to the school between 2004 and 2010.
According to a statement on the UConn website, the theft from the school's information technology department was discovered Aug. 3. A subsequent investigation has determined that none of the data, thus far, has been used for identity theft or other nefarious purposes.
"Steps have been taken to prevent unauthorized access to university computer systems through the device," UConn officials said in the statement.
Jason Pufahl, interim chief information security officer, said that the university would take "corrected steps and, if warranted, disciplinary action."
"We deeply regret this incident," Pufahl said in the statement. "The university takes security of personal data seriously and is continuing its investigation to determine whether any university policies were not followed."
The UConn breach is just the latest in a seemingly neverending series of laptop thefts, portable storage device losses and hacking attacks that have exposed the personal information of hundreds of thousands of universities' students, staff and applicants so far this year.
Most recently, officials at Florida International University in June had to notify more than 19,000 students and 88 faculty members that a database used with the college's E-Folio software was not secured, giving unauthorized users an opportunity to access names, Social Security numbers and other information at their will.
In March, Vanderbilt University officials alerted some 7,000-plus current and former students that their sensitive information was exposed after a desktop computer was swiped from a professor's office.
UConn officials said they are in the process of notifying all 10,174 affected applicants in writing and will offer free credit-monitoring services for two years.