Two laptops were removed from a locked office during the first weekend of September at Carnegie Mellon University; these laptops contained personally identifying information about students.
It took Carnegie Mellon a month to alert students to the theft of two laptops from the office of a computer science professor. The information was not encrypted on the machines, according to a report from the student newspaper, The Tartan.
Though the theft took place on or about September 2, the school did not notify students until September 29. One student told The Tartan that his request for Carnegie Mellon to pay for credit monitoring was refused by the school.
The director of the school’s Information Security Office, Mary Ann Blair, thinks students who took the unnamed professor’s courses between summer 2004 and spring 2006 could be impacted by the theft.
Investigators think the thefts were for the laptops’ value as a commodity, and not for their data. The rationale for that holds the thieves would try to sell them for a quick profit.
However, that view doesn’t account for the potential misuse a buyer could do with the information on those machines. We don’t think it’s likely the thief or thieves will vet their buyers for good intentions.
More: continued here
If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!