Cal State students affected by third-party breach

October 19, 2015 Arctic Wolf Networks

Nearly every industry has felt the reach of hackers and data breaches, and higher education institutions are increasingly learning how impactful these events can be. A number of colleges and universities across the world have experienced cyberattacks and other situations where student and faculty data have been compromised. Recently, Cal State saw first-hand how a data breach can not only affect students, but can also damage the institution's reputation.

Detailing what happened
It's becoming a fact that data breaches can happen anywhere at any time, and can be a result of internal errors or mistakes made by a provider. The vendor We End Violence was hired by Cal State to provide a noncredit online class on sexual harassment, which is required of all students under state law. According to the L.A. Times, there was reportedly a vulnerability in the underlying code of the program that exposed the personal information of nearly 80,000 students, across eight campuses.

The breach compromised data relating to campus-issued email addresses, log-ins and passwords used for the course, in addition to the gender, race, sexual identity and relationship status of participants. Other details like driver's license numbers, Social Security numbers and credit card information were not affected. However, this information could be utilized for phishing emails and to identify students based on their use of the program. In an effort to stem the damage, We End Violence took down its website to investigate the issue and has been responding to the concerns of affected students by providing a toll-free hotline to directly answer questions.

Cyber attacks using the compromised data can be mitigated using a number of different tools. However, a comprehensive security information and event management solution can be one of the most effective tools to detect a breach. Most security tools are designed to detect external threats. Many of the threats these days establish themselves on a single compromised endpoint and then spread internally. The external threat detection tools would be unaware of the additional internal endpoints that are compromised.

Breaches hitting higher education
Cyberattacks and breaches are becoming more commonplace, and higher education is a major target. According to Privacy Rights Clearinghouse, 727 breaches in the industry were made public from 2005 to 2014. Each breach exposed more than 27,000 records on average. In addition, 73 percent of reported breaches knew the number of records compromised – this leaves over a quarter with missing information and potentially doubles or triples the total number of affected records.

While these numbers point to a growing number of breaches on the education sector, further data shows that institutions are protecting their documents better than other industries. Although education had the second largest number of breaches, it had the second lowest number of exposed records. This is a testament to the steps many of these institutions are taking to secure their essential information.

"Many speculate that higher education's culture of openness and transparency encourages breach reporting by institutions, even when such reporting is not legally necessary," Educause stated. "Higher education as a unique sector has long engaged in cooperative activities designed to improve the information security posture of all institutions."

By investing in security information and event management, higher education institutions can help prevent such events from spiraling out of control by tracking and mitigating unusual behavior early on. These solutions will not only help keep information secure in the long run, but also provide a means for long-lasting protection strategies.

Cybersecurity news and analysis brought to you by Arctic Wolf, leading provider or managed SIEM services.

Previous Article
New malware strains sweeping the scene

With the new malware threats out there, companies need to prepare accordingly. 

Next Article
Lack of SIEM enables improper data sharing, putting thousands of job applicants at risk

Due to the lack of detecting improper sharing of data with an unapproved vendor, information on thousands o...


Want cybersecurity updates delivered to your inbox?

First Name
Last Name
Thanks for subscribing!
Error - something went wrong!