WSU Security Breach

[anonyme]

As nearly a million people are reportedly affected, I’m guessing that a few other West Seattle residents also received letters today apprising them of the theft of their personal information from a WSU computer. WSU is ‘generously’ offering a free year of credit monitoring, but I have some serious questions about this incident.

Apparently WSU does a lot of statistical analysis for various government agencies. What I would like to know is why they had personal information, including social security numbers and health information, without any kind of consent or release from involuntary ‘participants’? I can understand running studies without using personally identifiable information, but that is not what was happening here. Why would HIIPA not apply?

I realize that in this day and age there is very little that can be considered private any more. However, there are still some privacy laws in effect and I think they should taken be seriously. In this case, it appears that highly sensitive information was shared widely and casually by numerous entities.

Any lawyers out there?

I would like to know exactly who shared this data, why, and with what legal authority.

Share This

[sunshine]

Agreed. I hope to find out where that data came from. My son never applied at WSU, but we got the letter.

Share This

[The Velvet Bulldog]

I also got a letter. I’m not really surprised by data being used for various things, they do a lot of demographics studies for enrollment, alumni fundraising, etc. It sucks that they never got around to encrypting the older stuff though. Maybe they will now.

Share This

[sam-c]

just now saw this forum post. I got the letter in the mail (as did my spouse) (the day before yesterday?). I was really surprised because we’ve had nothing to do with WSU in the past. didn’t go there for college, apply, visit, or anything, and was wondering why they had this sort of info in the first place. There were links on the letter indicating the opportunity to sign up for credit protection… which led me to believe (the other day) that it was some sort of scam, fishing for data that I’d enter into the website. So, earlier this afternoon, I googled for more info to find out this hard drive really was stolen.
Really frustrating and surprised that I’d hadn’t seen anything on the morning news about it.
Why does WSU have my info? so ridiculous. I know I probably won’t find out from this forum why they had my info, but it is still frustrating as (*&%^)&&^%

they mention this:
“Some individual who attended school in Washington, primarily high school seniors during the years 1998 to 2013, may have had student information on the hard drive.”
but this doesn’t apply to us,… WTF ?!?!?

• This reply was modified 6 years, 10 months ago by sam-c.

Share This

[dcn]

I got this letter too. I have never had any affiliation with WSU. I did attend UW for grad school between the years 1998 and 2013, but definitely not high school. I don’t know how or why they had my info either.

Share This

[anonyme]

You don’t necessarily have to have any connection with WSU for them to have had your data. They were running stats and doing studies for numerous other institutions and government agencies. For me, that still doesn’t answer the question as to why the data was neither encrypted nor anonymized. The bigger question is not why WSU had the info, but who released it to them, why, and with what legal authority? I suspect these questions could (or should) be the legitimate basis for a class action.

Share This

[2 Much Whine]

Huskies, feel free to insert Cougar comment here.

Share This

[Author]

Posts