Brian Prince reports:
Reports surfaced this week that the University of Virginia fell victim to a cyber-attack that stole nearly $1 million. Unfortunately for administrators at colleges and universities, their institutions are just as vulnerable to data breach woes as enterprises.
According to reports, attackers used malware to steal online banking credentials for accounts belonging to the University of Virginia’s College at Wise and transferred $996,000 overseas. In addition, there were reports last month that student data from six colleges in Florida was inadvertently exposed after a software upgrade.
According to a new report from Application Security, these incidents underscore problems that are all too familiar for higher education institutions. Between 2008 and Aug. 1, 2010, there were some 160 higher educational data breaches. Many of these, the firm said, were caused by problems such as improper access controls, inadequate data security measures and a lack of common sense and best practices for database security.
Read more on eWeek.
Let’s not forget the threat to K-12 education many of who have no information security programs and out-source thier IT needs to the lowest bidder…
I contacted my state to find out if school districts had to report security breaches to the state (assuming that they even detect them!). I was told that they do not have to report breaches. Oh goody….