I’ve visited any number of schools, higher education and universities in the last five years that have been suffering from the “Open Campus” syndrome.
Fundamentally, it’s an attitude on the part of students, teachers/professors and management that their environment won’t be “really” damaged by hackers. In the “Open Campus,” all are good, a few naughty students exist, and information should be available to all.
That is quickly changing, I would imagine, when the students and professors discover that the information that is lost/stolen happens to be their personal information. To wit:
1. In May, 2009 officials at the University of California at Berkeley notified students and the public that hackers had breached a healthcare database at the school, potentially gaining access to the personal information of up to 160,000 students dating back to 1999.
Complicating matters: The breach is thought to have initially occurred in October 2008. Administrators said they didn’t notice it until April 9, 2009, however.
2. Eastern Illinois officials in December 2009 found that hackers accessed a server holding the personal information of more than 9,000 former, current, and prospective students. Hackers had access from March 2000 through November 2009.
3. At Penn State University, more than 30,000 students were told that a series of malware-induced data breaches at computers hosted at three different campus locations had exposed their personal information for an unknown period of time.
I would imagine that the parents aren’t too thrilled, either.