Michigan State University disclosed recently that its online store had suffered a data breach in which the names, addresses and credit card numbers of 2,600 people who had shopped at the store which sells the school’s branded merchandise between October 19, 2019 and June 26, 2020 were compromised.  Data breaches at colleges and universities are common. The reason for targeting universities and colleges is simple.  Generally they maintain tremendous amounts of personal information and many schools have not done a good job of securing the sensitive information they hold.    Colleges and universities have much personal information that is often easily accessible within the school’s computer systems.  Too often schools have permitted the information to be on unencrypted laptops and flash drives.   In addition many schools do not have sufficient security programs in place to limit access to personal information, which the universities keep in their computers long after it is necessary to be kept, such as Social Security numbers for students who have long since graduated.

TIPS

Colleges and universities must make a greater commitment to data security. Data breach prevention systems should be implemented that include, but not be limited to updated firewalls, limited access to personal information, purging of unnecessary information  and encryption.  Personal information should not be as open and available as they presently are at this time at many universities.  if you are someone who is a victim of the Michigan State data breach, you should contact the University and accept its offer of  free credit monitoring.  You also should put a credit freeze on your credit report because credit monitoring only tells you that you have become a victim of identity theft after the fact.  A credit freeze can protect you from becoming a victim in many instances.  This data breach is also a reminder to everyone not to use debit cards when making purchases either online or at a brick and mortar store because the law does not protect you nearly as much if your debit card is used for fraudulent purchases as the protection you get when your credit card is used by a scammer.  This incident is also a reminder to us all that we are much safer using our EMV chip cards whenever possible.  EMV chip credit cards when used in a brick and mortar store create a one time code to be used for each purchase that is worthless to a hacker.  Unfortunately, EMV chip protection is not available when you use your credit card for online purchases.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide was recently cited by the New York Times as one of three top sources for information about Coronavirus related scams.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”