Re: Stolen UC Berkeley Laptop Exposes Personal Data of Nearly 100,000

[InfoSec News <isn () c4i org>]

Forwarded from: Mark Bernard <Mark.Bernard () TechSecure ca>

Dear Associates,

I'm sorry but Universities and Colleges aren't very good gages on the
growth of identity theft. The incident is more likely to be a measure
of stupidity.

These institutions are high risk for attacks because they need to be
open to share information, so I wouldn't even consider it a good
measure of some student hacker's skills. I hope that whoever
perpetrated this crime doesn't think that s/he's accomplished
something.

What I would like to see is students take more responsibility and
control over their private information. I know the thought that the
words 'student' and 'responsibility' are in the same sentence doesn't
make sense to some of us. I also think that student bodies need to
step up to the plate here and show some leadership by helping their
constituency protect themselves.

Best regards,
Mark.


Mark E. S. Bernard, CISM, CISSP, PM,
Principal, Risk Management Services,

e-mail: Mark.Bernard () TechSecure ca
Web: http://www.TechSecure.ca
Phone: (506) 325-0444


Leadership Quotes by John Quincy Adams: "If your actions inspire others to 
dream more, learn more, do more and become more, you are a leader."


----- Original Message ----- 
From: "InfoSec News" <isn () c4i org>
To: <isn () attrition org>
Sent: Tuesday, March 29, 2005 8:54 AM
Subject: [ISN] Stolen UC Berkeley Laptop Exposes Personal Data of Nearly 
100,000


> http://www.washingtonpost.com/wp-dyn/articles/A7653-2005Mar28.html
>
> By MICHAEL LIEDTKE
> AP Business Writer
> March 28, 2005
>
> SAN FRANCISCO (AP) -- A thief has stolen a computer laptop
> containing personal information about nearly 100,000 University of
> California, Berkeley alumni, graduate students and past applicants,
> continuing a recent outbreak of security breakdowns that has
> illustrated society's growing vulnerability to identity theft.
>
> University officials announced the March 11 theft on Monday under a
> state law requiring that consumers be notified whenever their Social
> Security numbers or other sensitive information has been breached.
>
> Notifying all of the 98,369 people affected by the UC Berkeley
> laptop theft could prove difficult because some of the students
> received their doctorate degrees nearly 30 years ago, university
> officials said.
>
> The laptop -- stolen from a restricted area of a campus office --
> contained the Social Security numbers of UC Berkeley students who
> received their doctorates from 1976 through 1999, graduate students
> enrolled at the university between fall 1989 and fall 2003 and
> graduate school applicants between fall 2001 and spring 2004. Some
> graduate students in other years also were affected.
>
> The stolen computer files also included the birth dates and
> addresses of about one-third of the affected people.



_________________________________________
Network Security - http://www.auditmypc.com
Free vulnerability test - How secure is your computer?