Play
Ithaca's Real Rock Radio Station
Email
RSS
Twitter
Facebook
advertisement | your ad here
Honda of Ithaca - 2010
Mostly Cloudy
52° - Mostly Cloudy
 
 
Cornell Suffers Massive Security Breach
Social Security Numbers Stolen
WVBR News
| June 23, 2009
7comments
Add Your Voice
A stolen Cornell University computer has compromised the personal information of thousands of members of the University community. The computer contains the names and social security numbers of current and former students as well as current and former faculty and staff members.
'''Related Stories:''' -[[link|url=http://wvbr.com/news/663]]Students React to Security Breach[[end-link]] -[[link|url=http://wvbr.com/news/662]]Text of the E-Mail[[end-link]]
The affected people totaled 22,546 current and former students and 22,731 current and former faculty and staff, amounting to 45,277 people in the Cornell community. The breach appears to have affected recent graduates, as well as students enrolled during the 2008-2009 school year. There have been no reports of students entering in the 2009-2010 school year who have been affected.
Cornell to Offer Fraud Assistance
An internal memo sent Friday from University Auditor Mike Dickinson was obtained by WVBR. The message said that currently, no misuse of this sensitive information has been found. Also in the message, Cornell said that they have enlisted the help of Kroll Fraud Solutions to "provide fraud counseling and credit monitoring services at the university's expense." The social security numbers and names on the computer are not believed to be encrypted, meaning that anyone can access the data by simply opening a file. WVBR spoke early on Tuesday afternoon with University spokesman Simeon Moss who confirmed that a security breach had occurred and that an internal investigation is now underway. Moss declined to comment further. Law enforcement officials have been notified and further investigation is pending.
University to Contact Affected Individuals
Shortly after WVBR broke the story on Tuesday, the University notified all students and staff affected by the breach via e-mail late in the afternoon. The e-mail contained preliminary information about the breach and came in advance of formal notifications via U.S. mail. Click [[link|url=http://wvbr.com/news/662]]here[[end-link]] to read the text of the e-mail sent to affected members of the Cornell community. The official letter will contain a full description of the services the University is offering at its expense. A call center will also be established and a set of frequently asked questions, accessible at [[link|url=http://faq-june2009.cuinfo.cornell.edu/]]http://faq-june2009.cuinfo.cornell.edu/[[end-link]] has been issued to those people whose information has been affected.
Computer Stolen Earlier in June
The computer itself was stolen earlier this month, though University officials only became aware of the security issues late last week. The computer had been issued to a member of the Cornell technical staff, who was correcting transmission errors found in the processing of files. The data was being used for troubleshooting, and under information security policy, should have been in a physically secure location. University officials have stated that the employee's actions violated this policy. The University has not yet stated from where the laptop was stolen. However, Cornell and Ithaca police logs indicate two thefts of computers this month. One investigation, on the Cornell campus, is closed. Another, describing the theft of a laptop and a backpack from a vehicle on Seneca street, remains pending. The Ithaca Police Department would not confirm whether that investigation is related to the security breach. Stay tuned to WVBR for continuing coverage and keep your browser on WVBR.com for updates. WVBR will also have exclusive interviews with Cornell officials as the story develops.
Share Your Thoughts
Alum from NYC | July 7, 2009, 1:57am
This is totally ridiculous. The mere fact that someone was able to download personal information of 45K people and store it on his/her laptop is just beyond my imagination...Not only should this person be fired, the entire Tech department needs to be restructured!

Alice Dunkley from Bakers Mills, NY | July 6, 2009, 5:47pm
As a disabled retiree of Cornell University I am appalled at the notice I received today JULY 6 concerning a breach of security at the University. I have spent 5 hours closing bank accounts and credit card accounts all through an oxygen canula. I am enraged that it took a week to notify me that my financial security is a thing of the past. I feel raped by the system.

Student from Cornell | June 23, 2009, 8:28pm
It doesn't hurt to put your credit on fraud alert for 90 days just in case. Better safe than sorry

Geoffrey Bacon from Washington, DC | June 23, 2009, 7:29pm
I was affected by this. I want this person fired.

Cornell University Employee from Cornell | June 23, 2009, 5:20pm
The e-mail that they sent out to the "victims" looks like spam! The return address is data-theft-june2009@cornell.edu.

Paul from Warmer climes | June 23, 2009, 4:55pm
Emails were sent out to people affected by the theft.

Lisa from Cornell University Employee | June 23, 2009, 3:30pm
Announced to who? I've been at work all day and have heard nothing from the university!
Name
Town
Please enter the text seen in the image below:
Note: Comments by logged in Rock n' Roll Nation users will appear immediately. All others must be approved by a moderator.
Hi: 57°
Lo: 41°
Mostly Cloudy
Fri
Partly Cloudy
57°
41°
Sat
Chance of Rain
59°
43°
Sun
Partly Cloudy
54°
37°
Mon
Partly Cloudy
57°
50°
StockWatch
 
LAST
CHANGE
15,545.75
 73.01 (0.47%)
3,919.71
 10.91 (0.28%)
1,756.54
 6.77 (0.38%)
Local Stocks
103.13
 2.34 (2.32%)
126.81
 1.12 (0.89%)
13.79
 0.09 (0.66%)
80.52
 0.01 (0.01%)
112.53
 1.78 (1.56%)
49.32
 1.12 (2.22%)
Gas Gauge
Big Red Blogroll
advertisement | your ad here
Perrywinkles Jewelry