A stolen laptop computer has caused a migraine for the University of Nebraska-Lincoln's Institute of Agriculture and Natural Resources.
While in Rome last month, an IANR consultant's laptop computer was pilfered. The consultant helps manage IANR retirement benefits.
Concerned that someone might get access to close to 900 IANR staffers' and former staffers' Social Secuity numbers, UNL hired a Wisconsin law firm to assist in managing the fallout. Those who could be affected have been offered a year's worth of identity theft protection through Experian.
NU spokeswoman Melissa Lee said the university has no reason to believe that the thief has tried to gain access to information.
In this brave new world of instant-access information technology, organizations must be on guard for computer hacks and breaches that can lead to identity theft.
"It's unfortunate that security incidents are part of the world that we live in today," Lee said. She said UNL police and Rome law enforcement were informed of the theft. "Needless to say, we're continuing to monitor" the situation.
Lee said there's no way to know yet how many will take UNL up on the offer of identity theft protection, but it will cost the university about $9 per taker. UNL also has hired Michael Best, a Madison, Wisconsin, law firm, to help the university warn staffers about potential problems.
"A laptop got stolen," Lee said Monday. She added that she didn't want to make too much or too little of the matter. The university has acted "out of an abundance of caution," she said.
UNL felt compelled, at some inconvenience and cost, to notify all of those whose identity information — Social Security numbers, names, addresses, phone numbers and email addresses — could be jeopardized if the laptop thief has sophisticated, sinister intentions.
The laptop was password protected but not encrypted. A letter was recently mailed from the Michael Best law firm in Wisconsin to numerous IANR employees and former employees. The letter is signed by Michael Boehm, vice chancellor of IANR at UNL.
The law firm has expertise in minimizing the threat of data breaches and responding to cybersecurity challenges.
Doug Rausch, director of Bellevue University's cybersecurity program, said security entails "a balance between protection and convenience." Rausch said an organization can make its system secure by asking users to log in repeatedly and requiring multiple passwords or long, complicated passwords. But that, he said, is inconvenient.
When there is trouble, Rausch said, "the faster you can react to it and notify folks, the better." A breach can lead to credit card numbers being exposed, he said, and being sold on the black market. He said data breaches weren't heard of as often 10 years ago because society wasn't posting as much sensitive information digitally in accessible places.
Lee said the "bad guys" are trying to hack into organizations' and companies' information systems "every hour on the hour." She said the NU system deals with cybersecurity incidents up to a couple of times a year in which identity protection services are offered.