A vendor contracted by Oregon State University recently caused a massive
data breach by copying information for tens of thousands of students to his personal computer.
The personal information for more than 21,000 students who received emergency student aid or payroll withdrawals between 1996 and 2009 was exposed in the incident, according to a report from Portland television station
KVAL. The vendor claims he did not know that taking the data off-site would be a problem.
"He was actually giving us a demonstration of what the upgrade would look like," OSU director of Business Affairs Aaron Howell told the news station. "And our manager of our cashier area said, 'Uhh, wait a minute. That's live data I'm looking at!'"
While an investigation found that all data remained on the vendor's computer, the school couldn't rule out the possibility of someone else having viewed it, the report said.
Ondrej Krehel, the chief information security officer for
Identity Theft 911, writes regularly on his blog about the issues consumers face as a result of
data breaches, whether they're accidental or caused by hacking attacks.
© 2003-2012 IDentity Theft 911, LLC. All Rights Reserved