Data Backup Digest

Just in case anybody is still unclear about the potential dangers posed by hackers in the 21st century, the recent incident at Jacksonville State University provides a crystal clear example. While it was originally reported that one of the university's own students was arrested for stealing the personal information of students and faculty members, which was then later posted online, later reports revealed that two separate students, both of which were students at JSU, were arrested in connection with the case. At least one of the students involved is a juvenile, but the suspect is expected to be charged as an adult in this case.

A press release posted to JSU's website read, in part: "The university learned on Feb. 23 that a peripheral system with limited information was accessed on campus and placed online. The compromised information was the result of an internal security violation and not the result of an external “hack,” as reported by outside sources. Those impacted by this security violation include students who have been accepted for admission. We have no evidence that social security numbers, credit cards or any other banking information has been accessed. We will continue to keep the public updated as information develops."

The Incident

The incident occurred in late February 2014, when a peripheral system was accessed on the university's campus. It took only a matter of hours for that information to then be published to a website, which includes full names, phone numbers, ID photos, birthdates and even home addresses of various students, staff members and faculty at the university. The incident was purportedly executed in order to highlight problems with JSU's data storage and security practices.

While campus officials and local police are still investigating the issue, students have already expressed concern and, in some cases, anger toward the situation. Some students were eased by the news that suspects were already in custody, but others are genuinely afraid of identity theft, fraud and similar problems.

Highlighting Serious Problems

This case highlights a number of serious problems with the way data is stored, processed and handled in the 21st century. Moreover, this incident also brings to light some of the havoc that can be caused by someone who has physical access to these data storage systems, as it seems to be the case here. Either way, the IT team with JSU is now forced to react swiftly and, potentially, haphazardly, as opposed to taking a proactive stance to begin with.

While a proactive approach may have not prevented this specific incident from happening, it certainly would have been much more difficult if the students in question didn't have physical access to drives and systems containing such sensitive data.

If nothing else, the recent problem at JSU serves as a fine example of how corruption inside an organization, in this case, a university, can be just as damaging as external hackers and other threats. With attacks coming from all sides, safeguarding this data from prying eyes and malicious hands isn't as straightforward as it used to be.