Education Data Security in 2007 and Beyond
Educational Security Incidents (ESI) Year in Review for 2007 has published a document outlining the security breaches affecting the education market for the year.
So far in 2008, nearly half of the data breaches have occurred in the educational community, mostly at the college campus level. In recorded breach history, higher education has accounted for just over 25% of all breaches, so the start of 2008 has not been very promising for this market.
In 2007, there were 139 breaches, totaling more than 1.2 million records, affecting 112 institutions - numbers that have gone up by more than 50% since 2006. More security incidents were the result of employee errors in 2007 than in 2006.
Highlights from the ESY Year in Review 2007 Report:
- Information Security incidents were the result of:Â
- Unauthorized Disclosure - 38%
- Theft - 28%
- Penetration 22%
- Type of Information exposed:Â
- Personally Identifiable Information - 129 incidents & 1,244,851 records
- Social Security Numbers - 103 incidents & 1,085,708 records
The report gives details on all the educational security incidents in 2007, and breaks that data down in many different ways.
You can download the full report here [PDF]
Via The Dunning Letter, ESI Tags: data breaches, breach, breaches, education, education industry, education field, data security, it security, data loss
One Comment on “Education Data Security in 2007 and Beyond”
March 20th, 2008 at 3:11 pm
It may be interesting to follow up with the campus police departments in some of the schools that have reported breaches to see what, if any, role that they were asked to play.
I say this because I have knowledge of the physical theft of two PC’s that were taken from a campus and were recovered within hours of discovery. The investigation reveals how important physical security played a role in this theft and the importance of a quick thorough criminal investigation.