U Hawaii Settles Data Breach Class Action Suit -- Campus Technology

Cybersecurity

U Hawaii Settles Data Breach Class Action Suit

By Dian Schaffhauser
01/30/12

The University of Hawaii system has settled a class action lawsuit filed on behalf of 96,000 students, faculty, staff, and alumni who were part of five alleged data breaches at four institutions between 2009 and 2011. The university, which has denied liability in the settlement, will provide two years of credit monitoring and credit restoration services to those whose personal data was exposed online and participated in the lawsuit.

"We have researched more than 40 data breaches at colleges and universities across the country. In almost every instance, two years of credit monitoring and fraud restoration were offered to data breach victims," said Bruce Sherman, one of the attorneys representing the class involved in the lawsuit. "Offering two years of credit monitoring and fraud restoration services to breach victims should be the standard response by any breaching entity in Hawaii, including government agencies."

According to Thomas Grande, who worked with Sherman on the suit, credit monitoring services cost as much as $5 to $15 per month if purchased individually. "We are extremely pleased that the University has negotiated a settlement package that provides these services to every class member who wants them," Grande said.

However, that's a fraction of the cost to the organization that suffers a breach, according to research by privacy and security research firm Ponemon Institute. The results of its 2011 survey, "U.S. Cost of a Data Breach Study," estimated that American companies spend $214 per compromised record. That includes the direct costs of a breach, such as notification and legal defense expenses, but also indirect costs such as lost business due to customer churn.

The credit monitoring service for U Hawaii recipients will be provided by Kroll Background America. Under the terms of the settlement, potential recipients of the service will be notified by letter and email by March 1, 2012.

"The university continues to work diligently so that the chance of future data breaches is significantly reduced," the institution said in a statement. "Given the uncertainties and expense of litigation, the university believes this settlement is in the best interests of the university and its entire 'ohana.'"

Among the breaches was one in 2010 that exposed the Social Security numbers of about 40,000 students who attended the University of Hawaii Manoa. Another breach earlier that year involved 53,000 students, and a 2009 breach affected 15,487 parents and students.

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

E-Mail this page

Printable Format

Featured

Network to Code Launches AI Assistant for Enterprise Network Teams

Network automation firm Network to Code has launched NautobotGPT, an AI-powered assistant aimed at helping enterprise network engineers create, test, and troubleshoot automation tasks more efficiently.
New AI Tool Generates Video Explanations Based on Course Materials

AI-powered studying and learning platform Studyfetch has launched Imagine Explainers, a new video creator that utilizes artificial intelligence to generate 10- to 60-minute explainer videos for any topic.
AWS Updates AI Offerings with Amazon Nova Premier, Llama 4, Anonymous User Q Business Chatbots

Amazon Web Services (AWS) has made a number of AI moves to maintain its position alongside fellow cloud giants Microsoft and Google.
Federal Court Rules AI Training with Copyrighted Books Fair Use

A federal judge ruled this week that artificial intelligence company Anthropic did not violate copyright law when it used copyrighted books to train its Claude chatbot without author consent, but ordered the company to face trial on allegations it used pirated versions of the books.