Those are the words printed in Greek on the official Boston College seal. I'm a proud Eagle, BC graduate, and since graduating from BC have tried hard to live up to those words. BC, however, recently failed to live up to them.
Today it was reported that BC's alumni database was hacked. The Social Security Numbers (SSN) of 137,000 alumni were exposed. BC is recommending that alumni contact their financial services institutions to alert them to the breach.
How'd it happen? Apparently, from the published report, the database not only held SSNs that did not have to be stored but it was also outside of the BC firewall. Wow. What security architect approved that?
Educational institutions tend to have fairly open boundaries to support the ethic of academic freedom. But SSNs are credentials that need to be protected. Every organization must assess the need to store SSNs, if they are not essential, don't keep them in the record. It's time for Academia to take note and provide the proper controls.
BC - you did not excel for your alumni this week. My alumni wish is that moving forward BC takes some of the $441 million USD raised in the "ever to excel" capital campaign to improve IT controls and risk management. Knowing that my SSN was hacked through BC doesn't make me a happy alumni. And if some of the money raised in capital campaigns doesn't go towards protecting my data that still resides at BC, you can be darned sure I'm not going to be motivated to contribute to future campaigns.
"Ever to Excel" - that includes IT BC. Take note.
Posted by Diana at March 18, 2005 04:14 PM