Ohio State University says unauthorized individuals accessed a server containing personal information of some 760,000 former and current faculty, staff, students and applicants, exposing names, Social Security numbers, dates of birth and addresses.
"With the right people, process and technology, you could be able to put a system together that would greatly reduce the impact these types of attacks have," says cybersecurity expert Eric Cole, a SANS Institute faculty fellow.
Community hospitals must become more vigilant about information security, especially as they apply for federal electronic health records incentive payments, says Chuck Christian, CIO at Good Samaritan Hospital in Vincennes, Ind.
What's embarrassing about the WikiLeaks episode isn't just the precarious position the publication of diplomatic cables put the U.S. in with its allies but the likelihood that one, low-level analyst accessed sensitive data without authorization and then leaked them.
The Department of Veterans Affairs has taken steps to help ensure thumb drives lacking encryption cannot be plugged into its computers. The move comes following the discovery of an unencrypted drive containing personal information on veterans.