October 16
...serving up your daily dish.
Baristanet reader Arnie sent us a tip about a bit of a security gaffe at Montclair State University - who, according to the Star-Ledger's Kelly Heyboer, accidentally had the names and corresponding Social Security numbers for more than 9,000 students on an accessible page on the Internet. The big problem here is that even though that 18 students have come back so far and said their identities hadn't been stolen, that doesn't mean it isn't going to happen six months from now.
October 16, 2005 in Seen in Cyberspace | Permalink
It's our Katie:
Katie Mancine, a fine arts/painting major, said she is frustrated the university still uses Social Security numbers to identify students.
She also said she felt school officials were slow to inform students about the glitch. Many students have not seen the campuswide e-mail warning them about the problem, said Mancine, of Keyport.
"I believe this is big news and nearly three quarters (of) the students at the school have no idea it's even happening," said Mancine, 20. "I hope someone takes this to a lawyer or someone loses a job over this."
Posted by: exit_151 | Oct 16, 2005 1:30:00 PM
it is me! i emailed them the email and they asked me a few questions. i was very excited that they used my answers. i was told the SS# were available for up to 4 months or something. When I searched my SS# on google it came up to the Montclair website, which said the page was no longer available but that means that mine was in fact posted and I am at risk. I usually get mad when someone says MSU is stupid, but this time they really are.
Posted by: katie | Oct 16, 2005 3:08:51 PM
Perhaps it is time for some student activism on the campus of MSU!
"I believe this is big news and nearly three quarters (of) the students at the school have no idea it's even happening," said Mancine, 20. "I hope someone takes this to a lawyer or someone loses a job over this."
Perhaps an area lawyer will volunteer to take up this cause on a pro-bono basis!
Posted by: Franklin | Oct 17, 2005 12:35:14 AM
someone said they found out someone opened a credit card in their name at old navy last month. which means this is the first reported case of identity theft most likely due to MSU. does anyone know a lawyer, such as franklin proposed, that would help us out or talk to us?
Posted by: katie | Oct 17, 2005 4:01:29 AM
Why they don't pass a law that states any business or organization that makes private information public - regardless if it was unintentional - must be held accountable for all costs to the consumer/victim.
These "accidents" happen way to often, if it was going to cost the companies -or in this case a university- money you know they'd be more on top of this.
Posted by: hrhppg | Oct 17, 2005 9:30:58 AM
Katie:
I dont know of a lawyer, but would recommend that you write a letter to the editor of the MSU student newspaper.
Perhaps there are other students on campus who are 'mad as hell' and ready to take some action.
Posted by: Franklin | Oct 17, 2005 3:22:48 PM
The story was on the 11:00 TV news (ABC, I think) last night.
Posted by: Chris | Oct 17, 2005 3:59:52 PM
Yeah, there are a bunch of students trying to get things together, trying to get something like a class action suit together. We'll see how it all goes.
Posted by: katie | Oct 18, 2005 1:57:29 AM
I'm no lawyer but pretty sure you would have to have some loss and be able to prove it was due to your info being posted before you would have any kind of case.
If there was a case to be made you would not have to be asking about a lawyer. They would be skulking about already.
Posted by: stealth | Oct 18, 2005 7:27:07 AM
Whether a lawyer steps up to the plate on this issue or not -- it will be well worth while for the students of MSU to speak out on this and other campus issues i.e. parking, military recruiters on campus, ROTC on campus, etc.
Dont Mourn Organization - Carpe Diem!!
Posted by: Franklin | Oct 18, 2005 6:24:46 PM
Absolutely correct Franklin. They need all those things there.
Posted by: stealth | Oct 18, 2005 8:20:45 PM
Editorial from the MSU campus paper:
===========================
The Montclarion - Opinion
Issue: 10/20/05
--------------------------------------------------------------------------------
Exposed Error By MSU
By Karl DeVries
Like a senile grandfather, we all understand that Montclair State University has its occasional slip-ups and mistakes. In the past, their previous faults included the massive overbooking of residents, forcing the use of hotels, their decision to begin major construction projects before replacement parking was made available and the lack of maintainance in several of the campus buildings, to name a few. But all of these pale in comparison to the lastest MSU gaffe, one that puts over 9,100 students at serious risk.
That the school allowed the social security numbers of these students to be published online for almost five months is a blunder on an incomprehensible level. As a reminder, one's SSN is extremely sensitive information; should this number fall into the wrong hands, it could mean the destruction of one's credit. In essence, a person could assume another's identity, leading to all kinds of potential problems.
The school is refusing to release the name of who is responsible for this, claiming that the case is "under investigation." Of course, it seems that virtually all of the cases mentioned every week in the police blotter are also "under investigation," but only in the rarest of circumstances is any progress ever made. The school is shying away from the basic accountability that students are rightly asking for, which means that if someone is having problems with their credit, they don't have an individual to blame.
This story is remarkable in regards to the ease in which this information was attainable; the fact that an MSU student was able to stumble upon his most personal data by simply entering his name on Google.com is startling. Also, how did MSU fail to notice this for five months? Had this been the SSN of President Susan A. Cole, surely that mistake would have been corrected immediately.
Outside media sources, from the Channel 5 News (WNYW), to Newsweek and The Star-Ledger have all been reporting on this story, meaning that it is both of local, state and national interest. The school's response to the affected students? An insincere email, designed to politely placate those abused by the University's aloofness. The school didn't even bother to send out a physical, formal letter.
Maybe that's because they know that if they were to do so, they'd be alerting the parents of MSU students, who pay money to send their sons and daughters here. As a first response, all students should speak to their parents immediately and inform them of MSU's culpability. They should also be sure to review their credit history to make sure no suspicious activity has occurred.
As the student watchdog group The Montclarion was established to be, this newspaper demands that the administration provide an identity as to who's responsible for this. If MSU has any shred of integrity they will reveal this as soon as possible. This personal security breach is more than just a simple mistake by MSU; this is an outrage of the highest order.
--------------------------------------------------------------------------------
Posted by: Franklin | Oct 21, 2005 9:19:53 AM
