Welcome to the SecAware blog

I spy with my beady eye ...

7 Jul 2005

SSNs exposed by college server hack

In yet another college server hack, personal information including Social Security Numbers have been exposed. The college has belatedly removed SSNs from the server but why they were there in the first place is not clear. "If someone has a name and Social Security number, they can apply for a credit card, so this is a major issue". A separate news story reports that "many colleges and universities used a student's social security number as their primary student identifier, until recently [and] some schools still have not stopped the practice." In the UK and other countries, SSNs are not generally used as secrets for personal authentication purposes and individuals need to provide additional information such as something proving their home addresses: the US seems behind the curve on this one.
More anti-hacking resources

No comments:

Post a Comment