The University of Wisconsin Law School has just announced that it is notifying more than 1,200 people who applied to the law school during 2005 and 2006 due to its computers being hacked resulting in the stealing of personal information about the former applicants including Social Security numbers. Over the last few years, I have informed you numerous times about major data breaches occurring at American colleges and universities including Harvard, MIT and Penn State. Colleges and universities are frequent targets of hackers. While sometimes, the goal of these hackings have been to gain information for companies and countries to use for both commercial and national defense purposes, often colleges are targeted by hackers seeking personal information for purposes of identity theft. One reason that colleges and universities are such a tempting target for identity thieves is that they gather and retain so much personal information on applicants, students, faculty and alumni. Making the problem worse is that college and university computer networks are generally readily accessible by so many people that it becomes difficult to secure these networks.
Colleges and universities gather and keep much personal information for which they have no real need, such as the Social Security numbers of applicants, as was the case with the University of Wisconsin Law School or Social Security numbers of alumni. Coupled with lax security at many colleges and universities, this gathering and storing of personal information for which the schools have no need or storing that information when the need no longer exists puts the people whose information is affected in great danger of identity theft. It is important for all of us to always inquire as to any company or institution that has personal information of ours as to what they do to keep this information secure.