Missouri State University Alerts Students on Security Breach

March 7, 2011 - PRLog -- Recently, Missouri State University (MSU) suffered data breach involving around 6,030 students. The data was allegedly leaked by an employee of the University on the Internet. The staff at the University had compiled semester wise lists containing student information for the period 2005-2009 for the accreditation approval process. The information included student names and social security numbers. The breach reportedly took place in the month of November last year, but was only identified last month. The data breach resulted in the exposure of nine lists containing sensitive information of the students on the Internet. All the data pertained to the students who studied at College of Education of the MSU during 2005 and 2009.

Information security professionals of the University are coordinating with Google to remove all the leaked lists from the search engine. Breach of information security may have manifold implications for the affected students. In the recent times, cybercriminals have frequently targeted University databases containing student, faculty and staff data. They scan for weaknesses in the security infrastructure to gain unauthorized access and extract confidential data. In this case, the lists were supposed to be submitted by the concerned staff on a secure server, accessible only by employees of the University involved in the accreditation process. However, the information was allegedly submitted on an insecure server, making all the nine lists extractable through Google search. Lack of employee awareness is one of the major reasons for security lapses and data breaches. University authorities must educate employees on the security precautions needed to ensure safety of confidential information.Online computer degree and e-learning programs may help employees in understanding and implementing safe online computing practices.

University authorities have begun the process of notifying all the affected students. Users must create a fraud alert on their credit reports to prevent unauthorized loans on their account. MSU has decided to pay $7 per each student for consumer identity theft protection insurance. The IT security policy of University must provide for regular evaluation of the IT infrastructure through IT masters degree holders and security auditors. MSU has started punitive action against the concerned employee. Employee activity should be monitored to detect any unauthorized activity. Security professionals must constantly upgrade their technical skills through online technology degree programs to deal with the growing challenges in the IT environment. Information security is crucial to maintain the trust among students, internal staff and the general public. Data breach incidents may lead to negative publicity of the concerned University. As such, educational institutions must have appropriate mechanisms to prevent leakage of confidential information related to students, faculty members and internal staff.

Contact Press

EC-Council
Website:  http://www.eccouncil.org
Email:  iclass@eccouncil.org
Tel:  505-341-3228

EC-Council University is based in Albuquerque, New Mexico and offers Master of Security Science (MSS) degree to students from various backgrounds such as graduates, IT Professionals, and military students amongst several others. The MSS is offered as a 100% online degree program and allows EC-Council University to reach students from not only the United States, but from all around the world.

EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.

EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates the global series of Hacker Halted security conferences.

# # #

iClass is EC- Council's online training delivery platform. Students can attend live, or recorded training sessions for courses such as Certified Ethical Hacker (CEH), Certified Security Analyst (ECSA) or Computer Hacking Forensic Investigator (CHFI).