![]() ![]() In response to the breach, the university said it would establish a task force to look at the management of digital documents. Because the independent firm SU partnered with to send the notification letter had to track down the mailing addresses of applicants and others not enrolled at the university, the process took considerable time still, SU said it believes its response time was average or slightly above average, officials said. State law requires that institutions inform people of data breaches via U.S. SU officials defended their handling of the breach during an interview with The D.O. The lawsuit alleges that SU’s four-month delay notifying those affected by the breach compounded the actual and potential harm of the security failure. The university sent letters to those whose information was exposed on Feb. ![]() 4, but it was unable to confirm whether files containing names and Social Security numbers had been accessed. The firm finished its investigation on Jan. 6, SU hired a firm that specializes in data security to assist with the investigation. The department didn’t detect that any files were accessed or copied by the unauthorized party but couldn’t prove that the files weren’t accessed either, said Steven Bennett, senior vice president for international programs and academic operations, told The D.O. 28, and SU’s Information Technology Services tried to establish what information had been exposed. The university locked the compromised account on Sept. 25 after a university employee fell victim to a phishing attack in which the employee clicked a link and exposed their credentials to a “malicious actor.” The breach the lawsuit refers to occurred late on Sept. ![]() The university doesn’t comment on pending litigation, said Sarah Scalese, senior associate vice president for university communications, in a statement to The Daily Orange. The plaintiff filed the case after an unauthorized charge was made to his checking account following the breach. The class action lawsuit, which was filed in Onondaga County Supreme Court on Thursday, alleges that inadequate cybersecurity protocols and poor staff training at SU left thousands of people’s personally identifiable information vulnerable. Get the latest Syracuse news delivered right to your inbox.Ī Syracuse University student affected by a data breach that exposed the names and Social Security numbers of nearly 10,000 students, alumni, and applicants is suing the university for negligence. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |