My daily trip to the mailbox has been anxiety-provoking the last few days… I fear that stuffed between the bills, magazines and Christmas cards, there will be a letter from my alma mater, UCLA, stating that my personal data may be in the hands of hackers who apparently gained access to a giant database containing personal information for 800,000 current and former students, faculty and staff members. Read more here. UCLA is not alone.
It seems there has been a steady stream of stories about hacked databases, stolen laptops and compromised/exposed personal data. Those affected have included students, consumers, and veterans. In this age of spam, spyware, bots, worms and phishing… why isn’t more personal data encrypted? During the eight years it took me to pay off student loans (from another UC), every month I’d get a bill with my social security number doubling as my account number. These statements had my full legal name, address, social security number and other details printed all in once place – talk about one-stop shopping for potential ID theft. I also recall being instructed to write my account number (social) on my check. If you think of all this private data out there and the potential for ID theft as it passes through various channels – pretty scary.
Well, what is the answer then? Bolting laptops to desks? Standards and mandating for encrypting data? Rules for disposing and retaining data (does a school really need to store social security numbers of graduates from 15 years ago)? We’ll be watching.