Embarrassed UTA Alumnus writes "My former college, the University of Texas at Arlington, just made the now-all-to-common announcement that student data — including Social Security numbers, e-mail addresses, grades, and other information — were on several recently stolen personal computers. The computers were from the home of a Computer Science lecturer, and perhaps more worrisome was the fact that they were the only stolen items in the incident. I had the displeasure of taking one of the lecturer's courses a few years ago, and anyone from his courses since the year 2000 is affected. In response, UTA is providing free 90-day 'fraud monitoring' (not full credit reports), and no disciplinary action has been taken against the lecturer who lost the data."
In situations like this, what can a student do when a large institution loses critical private information, makes only a token effort to fix the problem, and lets the people involved continue in practices that may make a similar, or more serious breach occur in the future?
"The data was not encrypted. The lecturer in question is one of the CS faculty at UTA who all conveniently guarded one another, so I guess I shouldn't expect more from him in that area. More importantly though, no one should have had this data on their personal computers, and Social Security numbers should not have been included at all. Furthermore, even without the concern of theft, I seriously question the need for years-old private student data. It is suspicious at the very least.
The UTA PR department is already trying to bury the issue with vague claims of new efforts to hire a system-wide CIO who would be responsible for all 15 UT system campuses. The lecturer in question responded to the student newspaper with 'no comment' each time they attempt to interview him.
I feel like the university should do more, including seeking disciplinary action against all involved. What can I do, short of keeping an eye on my credit and letting the school get away with yet another blunder?"