More than 7,000 students attending City College of New York this week are beginning to receive notices from school officials that their names, social security numbers and other personal information were exposed after a school laptop was stolen last month.
According to a post on the Educational Security Incidents (ESI) blog, the laptop was stolen a couple weeks ago. It was password-protected, but not encrypted and, thus far, CCNY officials have found no evidence suggesting that student data has been used for identity theft or other illegal endeavors.
CCNY officials said the school is in the process of reviewing its security procedures and has established a hotline for affected students to call for more information and to ask questions about protecting and monitoring their credit information as a result of the breach.
CCNY joins the ranks of dozens of other colleges and universities that have been targeted by thieves and hackers looking to mine their huge reservoirs of personal information for social security numbers and other hard-to-find information that could be used for identity-theft scams.
Just last month, University of Connecticut officials had to notify at least 10,000 people who applied to the university over a six-year period that a laptop containing their personal data was swiped from a locked storage cabinet.
In July, hackers managed to infiltrate a pair of servers at the University of Maine, putting the names, social security numbers, addresses and other vital information of several thousand students at risk.
According to the Ponemon Institute, a security-research firm, more than 800,000 data-sensitive memory devices — including USB drives, hard drives and laptops — are either lost or stolen each year.
Follow eSecurityPlanet on Twitter @eSecurityP.