PRESS RELEASE

WASHINGTON, DC, August 6, 2009— Institutions of higher education continue to face special challenges when it comes to protecting sensitive data, according to the Identity Theft Assistance Center.

"Colleges and universities have diverse databases of students, staff and employees, often spread across different systems. Schools are making great progress in preventing breaches and protecting this data, but everyone, including students, must be vigilant about making sure those systems aren't breached," says ITAC President Anne Wallace.

The Open Security Foundation, a volunteer nonprofit that tracks data breaches, reports that more than 11 million records stored at colleges and universities have been compromised. Last April, administrators at the University of California, Berkeley, discovered that hackers had accessed records affecting nearly 160,000 individuals " including those who had their social security number accessed.

Colleges and universities especially are targeted by spammers who take over machines to make money rather than steal data, says Joy Hughes, chief information officer at George Mason University. "When spammers and mischief makers gain access to machines on which sensitive data are stored, serious and expensive problems are created for the university," explains Hughes.

Like George Mason, Elon University invests its resources to make sure its systems are secure. But there are other factors that put schools at risk of a data breach, like old paper records and social engineering attacks, according to Chris Fulkerson, Assistant Vice President for Technology and CIO. "It's hard to program a virus or Trojan to take over a system. It's much easier to use an official looking email to ask a student for their user name and password," he says.

To read a Q&A with Joy Hughes and listen to a podcast with Chris Fulkerson, visit the ITAC blog. In the meantime, here are some actions new and returning college students can take to protect themselves: