Cornell Computer Theft Puts 45,000 At Risk of Identity Theft - Slashdot

Slashdot

Cornell Computer Theft Puts 45,000 At Risk of Identity Theft 91

Posted by timothy on Wednesday June 24, 2009 @06:16PM
from the into-the-gorges-with-the-thief dept.

PL/SQL Guy writes "This afternoon, Cornell alerted over 45,000 current and former members of the University community that their confidential personal information — including name and social security number — had been leaked when a University-owned computer was stolen. A Cornell employee had access to this data for troubleshooting purposes, and the files storing the sensitive information were being stored on a computer that was not physically secure. The university is not disclosing details about the theft. This isn't the first breach for Cornell; last June, a computer at Cornell used for administrative purposes was hacked, and the University alerted 2,500 students and alumni that their personal information had potentially been stolen."

This discussion has been archived. No new comments can be posted.

Cornell Computer Theft Puts 45,000 At Risk of Identity Theft

Search 91 Comments Log In/Create an Account

Comments Filter:

Social security numbers are worthless (Score:5, Interesting)

by Jimmy_B (129296) writes: <slashdot.jimrandomh@org> on Wednesday June 24, 2009 @06:28PM (#28459837) Homepage

At this point, social security numbers are so widely distributed that the only sensible thing to do is to publish them all in the phone book, so no one will be able to pretend they mean anything. If a scammer wants to use someone else's identity to defraud a bank, then the black market will sell them cheap and in bulk. The real problem is that creditors are allowed to issue debts without attempting to contact the person whose name they're using, and then try to collect those debts when the scammer runs off with the money.

Share
twitter facebook linkedin
Re:Keeping User Data in a University.... (Score:5, Interesting)

by LaskoVortex (1153471) writes: on Wednesday June 24, 2009 @06:34PM (#28459913)

I was once emailed word file with about 300 student's names, birthdates, social security numbers, and yes, user passwords for their university accounts. It was not encrypted and it was unsolicited--she needed help "opening" it. I promptly encrypted the file, deleted the original from my pop account, and then went to her computer and changed the name to have a ".doc" suffix. She was magically able to open it after that.
These are the people we entrust with our sensitive information.

Parent Share
twitter facebook linkedin
I wonder (Score:2, Interesting)

by Anonymous Coward writes: on Wednesday June 24, 2009 @06:43PM (#28460013)

how many times identity theft isn't reported, the high school I went to had a case reported that some kids had stolen the SS numbers from the schools network. I know because I was called in and questioned about it. I didn't do it, and I don't know if they ever found out, I don't think they did as no one was expelled. The IT Department was totally fucked though as a network with vulnerability like that was... well you get the idea.
I was on the network and saw some teachers files however, so I wonder if some other kids got further than I did. I knew not to let my, "young curiosity" go any further. College applications, let alone scholarships were at stake and fooling around the network like that was not worth not going to college.
My point being, this was reported, and the results were inconclusive, what if they questioned the person who actually got the SSN's, and he got away with it. I wonder if a few credit cards in my name will be opened up in Asia in a few years, or already.

Share
twitter facebook linkedin
Re:Keeping User Data in a University.... (Score:4, Interesting)

by hairyfeet (841228) writes: <bassbeast1968 AT gmail DOT com> on Thursday June 25, 2009 @01:21AM (#28463055) Journal

It isn't just universities. One Sunday I'm relaxing with a smoke after having to come into class to help those behind when I get a call "Where yo at?" I'm at class, just got done. Why? "You ain't gonna believe this shit. I'm about 10 blocks north of you. You got your truck?" yep, what else would I drive? "Good. Get over here NOW"
So I get over there to where Chuck works at and the Teleco next door has put out a ton of 1.5-3Ghz boxes out on the curb. Being a nice Sunday and I don't mind a little exercise for some free parts I helped Chuck load them up, in return for picking a couple of the nicer ones for me of course. We get them to his place, unload them and I say "let's fire them up to see if any has an OS or if they have been stripped. Now not only do these boxes still have the nice little XP Pro OEM stickers on them, but the OS is STILL installed and they didn't bother deleting squat. Accounts, CC numbers, the whole nine yards was just sitting their unencrypted on the drives. Most didn't even need a username to log on. Lucky for them we just wanted the PCs and not the data or we could have had ourselves an ID theft field day.
So it isn't just the schools. Over the years you'd be surprised how many "throw aways" I've ended up with that had major data on them. CC numbers, bank accounts, just stupid the amount of data they leave. I'm frankly shocked that MORE data theft hasn't occurred than what we have seen. I guess a lot of the guys are like me and just want a free PC and wipe the suckers.

Parent Share
twitter facebook linkedin

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Related Links Top of the: day, week, month.

717 commentsThe First Fully 3D-Printed Gun Has Been Successfully Test-Fired
656 commentsPrintable Gun Downloads Top 100k In 2 Days, Thanks to Kim Dotcom
621 commentsFormer FBI Agent: All Digital Communications Stored By US Gov't
604 commentsBruce Schneier On the Marathon Bomber Manhunt
579 commentsSupreme Court Rules For Monsanto In Patent Case

Paralysis through analysis.