Hawaii's first data breach: Uni settles with 98,000 victims

Powered by SC Magazine
 

Offers victims two-years credit reporting and fraud protection.

The University of Hawaii has settled a class-action data breach lawsuit brought by nearly 100,000 students, faculty, alumni and staff.

The suit relates to five breaches including one involving the inadvertent posting online of personal information by a faculty member who uploaded sensitive files to an unencrypted web server.

Details included names, Social Security numbers, addresses, birth dates and educational data.

In another incident, hackers gained access to the university's Manoa parking office computer server that contained the personal data of 53,000 individuals, including 40,870 Social Security numbers and 200 credit card numbers.

The university agreed to provide two years of credit and fraud protection services as part of the agreement.

Attorneys for the plaintiffs said Thursday that this marks the largest-ever class-action and first-ever data breach lawsuit to be settled in Hawaii.

“Offering two years of credit monitoring and fraud restoration services to breach victims should be the standard response by any breaching entity in Hawaii, including government agencies,” attorney Bruce Sherman said.

Members of the class -- 98,000 in all -- will be notified by 1 March of the settlement, which still is subject to court approval.

“The University of Hawaii engaged an expert external consultant to review its information security policies and practices across the university system, including all ten campuses, and is now actively implementing the recommendations as a system-wide security program," a spokeswoman told SCMagazine.com.

This article originally appeared at scmagazineus.com

Copyright © SC Magazine, US edition


Hawaii's first data breach: Uni settles with 98,000 victims
 
 
 
Top Stories
ATO shaves $4m off IT contractor panel
Reform cuts admin burden, introduces KPIs.
 
Turnbull introduces data retention legislation
Still no definition of metadata to be stored.
 
Crime Commission prepares core systems overhaul
Will replace 30 year-old national criminal database.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  27%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  21%
 
End user computing (desktops, mobiles, apps)
  14%
 
Software development
  25%
TOTAL VOTES: 432

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  54%
 
No
  46%
TOTAL VOTES: 208

Vote