SMCC breach could cost $140,000-plus

Load articles

The cost of cleaning up a security breach that occurred last month at Southwest Mississippi Community College could range upward of $140,000. While the school is insured for the breach, officials say that ensuring the financial safety of its students and employees would be worth every penny.

The breach, which affected 6,792 students and employees, occurred when a crashed server was brought back online, the college has said.

The leaked information dated back to 2002.

SMCC President Dr. Oliver Young said last week that the college has notified all potential victims and is urging them to take advantage of fraud alert protection and other services the college is making available through the Identity Theft Resource Center, a California-based nonprofit organization.

The college hired the center within hours of learning of the breach, Young said.

The cost of fixing the problem will be based on how many students take advantage of the fraud alert services through Identity Theft Resource Center, said Grady Smith, vice president of business affairs.

“If everyone on the list took advantage of the fraud alert, the maximum would be — plus hiring the company and stamps (for the notification letters) — would be in excess of $140, 000,” Smith said.

“But … based on this company and what the insurance company told us, the average response in a case like this is roughly 20 percent response to an offer to get fraud alert or credit monitoring. So that’s like a little over $30,000, and we are insured.”

As of Oct. 31, 641 of the people affected had responded to the offer for fraud alert notification.

Young said the college went the fraud alert route because it occurs when a person opens an account in someone else’s name, whereas credit monitoring occurs only after charges on an account have been made.

SMCC vice president of instruction Alicia Shows said no credit card numbers or bank account information was involved, although students’ Social Security numbers were leaked.

The information “really only would be something you would use to create a new account,” she said. “So the fraud alert is a lot more proactive.”

Shows said the resource center was complimentary of the college’s response.

“Within a week of the first time we were notified, everything was removed, everyone was notified, and they said that was a tremendous effort for the people here and that it showed we were really working toward being fair to the students and employees affected,” Shows said.

The incident was not the first breach in Mississippi.

According to the watchdog site privacy records.org, the SMCC breach was the fifth in the state, dating back to an incident with several thousand city workers and water system customers in Hattiesburg in 2006.

Perhaps the largest breach in Mississippi occurred when the secretary of state’s Web site listed more than 2 million filings in which thousands of Social Security numbers were exposed. In December 2006, the private information for approximately 2,400 students and staff was posted on the Mississippi State University Web site. The only other incident affected an undetermined number Winn-Dixie pharmacy customers in Pascagoula.

One of the largest breaches that could have involved area students occurred in July 2007 when the Louisiana Board of Regents discovered that the private information for 80,000 students and staff had been posted on the Internet for up to two years.

The SMCC breach was one of many that happen nearly every day. A check of privacy records.org, which updates security breaches daily, shows that approximately 266 have occurred in 2008, and more than 245,207,093 records have been compromised since 2005.

“If you look at the list of occurrences, it’s just about every other calendar day,” he said. “This has been going on really since technology and the Internet and paying bills on the Internet. … It shocked me. I had no idea that it was so frequent.”

Or, as the watchdog site indicates, that it could happen to anyone — from disabled veterans to the families of high school students to pharmacy customers.

“Mississippi State has a cyber crimes department … and if it can happen to them with their expertise and the resources they have to prevent something, then that pretty much tells you it can happen to most anyone,” Young said. “The equipment, the servers, etc., are not completely failsafe, I guess.

“My information was out there, some of my children’s information and other employees, their information was out there,” Young said. “And you know that we do everything we can, not only to protect our employees, but our students.”

https://www.enterprise-journal.com/news/smcc-breach-could-cost-140000-plus

Save Local News.

Donate to the Enterprise-Journal!

Local news coverage is critical for a strong and vibrant community.

Unfortunately, local publications are dying because of monopolistic Big Tech. Over 30% of all newspapers are expected to close within the next three years.

Help support local news by making a donation today. You would be supporting a local institution, founded upon principles of integrity and strong editorial standards. Unlike social media, we vet sources, fact-check, and have roots embedded in our local community.

Support us. Support local news.

Donate OR Subscribe

Did you enjoy this article?

Click here to view this author's last article or here to see all of their content.

0 Comments

No Comments!

Community Polls

Contact Information

Follow Us

Our Apps