Missouri State University Faces Data Breach

By Author: eccuni
Total Articles: 211
Comment this article

Recently, Missouri State University (MSU) suffered data breach involving around 6,030 students. The data was allegedly leaked by an employee of the University on the Internet. The staff at the University had compiled semester wise lists containing student information for the period 2005-2009 for the accreditation approval process. The information included student names and social security numbers. The breach reportedly took place in the month of November last year, but was only identified last month. The data breach resulted in the exposure of nine lists containing sensitive information of the students on the Internet. All the data pertained to the students who studied at College of Education of the MSU during 2005 and 2009.

Information security professionals of the University are coordinating with Google to remove all the leaked lists from the search engine. Breach of information security may have manifold implications for the affected students. In the recent times, cybercriminals have frequently targeted University databases containing student, faculty and staff data. They scan for weaknesses in the security infrastructure ...
... to gain unauthorized access and extract confidential data. In this case, the lists were supposed to be submitted by the concerned staff on a secure server, accessible only by employees of the University involved in the accreditation process. However, the information was allegedly submitted on an insecure server, making all the nine lists extractable through Google search. Lack of employee awareness is one of the major reasons for security lapses and data breaches. University authorities must educate employees on the security precautions needed to ensure safety of confidential information. online computer degree and e-learning programs may help employees in understanding and implementing safe online computing practices.

University authorities have begun the process of notifying all the affected students. Users must create a fraud alert on their credit reports to prevent unauthorized loans on their account. MSU has decided to pay $7 per each student for consumer identity theft protection insurance. The IT security policy of University must provide for regular evaluation of the IT infrastructure through IT masters degree holders and security auditors. MSU has started punitive action against the concerned employee. Employee activity should be monitored to detect any unauthorized activity. Security professionals must constantly upgrade their technical skills through online technology degree programs to deal with the growing challenges in the IT environment. Information security is crucial to maintain the trust among students, internal staff and the general public. Data breach incidents may lead to negative publicity of the concerned University. As such, educational institutions must have appropriate mechanisms to prevent leakage of confidential information related to students, faculty members and internal staff.