Cornell in Crisis

Cornell University is in trouble. A laptop was stolen containing 22,546 social security numbers of students -- half were alumni -- and 22,731 social security numbers for faculty and staff, including 4,284 retirees.

The files on the computer containing the names and social security numbers were not encrypted and the laptop was left in a physically unsecure environment, which violates University policy, according to Simeon Moss '73, director of Cornell University Press Relations.

Moss said that the data on the laptop contained “no other sensitive data elements” besides names and social security numbers and the University is “confident” that it has identified everyone whose data was on the computer.

This isn't the first time Cornell has been hacked:

Last June, a computer at Cornell used for administrative purposes was hacked, and the University alerted 2,500 students and alumni that their personal information had potentially been stolen. In 2005, the University alerted over 900 individuals that their personal information was stored on a computer that had been inappropriately accessed.

One wonders why Cornell appears to so casually protect vital identifying information that can publicly wound the innocent and destroy a private life?

There is a lack of urgency in Cornell's security and protection policy and if the university want to continue to attract the best and the brightest -- and the most ripe for ripping off -- the school needs to condemn those at fault, punish them beyond relief, and restore a sense of urgency and intimidation against any and all threats against those it is vested to protect.