Dive Brief:
- Washington State University recently had to send a letter to one million people explaining that their personal information, including social security numbers, may have been stolen, when thieves broke into an Olympia storage locker in April 21st and stole a safe containing the backup hard drive the university had used to save personal data on, reports The Seattle Times.
- WSU currently still doesn't know whether the thieves were able to get into the safe and access the data on the hard drive, which was being stored off-site by the institution's Social & Economic Sciences Research Center. WSU officials do know, however, that some of the files were encrypted and password protected, but recognize that the thieves figuring out how to hack the information is likely.
- In response to the breach, WSU has offered those potentially affected — anyone who could have been in the system from 1998 to 2013 — a year subscription to free credit-monitoring and identity-theft protection.
Dive Insight:
Higher education institutions have been stepping in recently to try to fill cybersecurity gaps, as an increase in attacks around the world has called for greater demand of employees in government and private industry. Places like Texas A&M University at College Station are doing this by offering more degrees, certificates and tutorials in the field. Recent events at Washington State University, however, show that administrators ought to turn a reflective eye from outward cybersecurity threats to how they are internally protecting the highly sensitive data of their students and stakeholders.
Some institutions have tried to meet cybersecurity threats by enhancing IT knowledge among students and faculty, by instructing them on the effects of weak passwords, showing them how to identify and report suspicious emails, and enhancing overall awareness of dangerous content online. This type of instruction is an important step in securing information on campus, but is evidently not enough to completely safeguard against potential hacking in the actual infrastructure of data management. The data breach at WSU reflects to administrators the importance of updating existing IT management facilities, perhaps moving data on hardware to a more secure location on-site, looking into outsourced cloud data management options, and implementing two-factor authentification rules on data encryption and storage, in order to ensure that student data is not being accessed by a nefarious third party. Addressing this concern now is critical as students, who are coming into college with greater knowledge of how computer systems work, demand higher level of security from their institutions.