Judge Deals Setback to Ohio U Computer Hacking Victims

• By Paul McCloskey
• 09/11/07

A lawyer for two Ohio University alumni who sued the school over losing their personal data in a computer security breach said that a judge's decision to throw out the case is typical of how courts are dealing with the growing problem of computer data theft.

Attorney Marc Mezibov told the Athens (Ohio) News that courts have been hesitant to acknowledge the harm done to a person whose personal information has been stolen in a computer breakin unless it can be tied to a subsequent instance of identity theft.

"It's frustrating," he told the News. "Courts are reluctant to grant the proposition that when personal data is lost ... there is harm," unless the consequences can be proved.

Mezibov represents the plaintiffs in the suit, OU alumni Donald Kulpa and Kenneth Neben, who sued OU in the Ohio Court of Claims in June 2006.

Kulpa and Neben were among tens of thousands of people, including alumni, students, and staff, whose personal data and in some cases Social Security numbers were exposed by hackers. In the suit, the two asked that OU pay for a credit-monitoring program for all victims of the data breach.

But Wednesday, Aug. 29, according to an OU news release, the judge granted a motion by the university to dismiss the suit. The judge  said the plaintiffs had not demonstrated any specific damages they've suffered attributable to the computer hacking.

OU's statement quoted President Roderick McDavis as saying that while he sympathizes with those whose information was hacked, he believes the judge made the right call. "I understand how people felt when they learned that their data may have been exposed, because I was one of those people," said McDavis, a 1970 alum. "It can be frightening to think your personal information could be vulnerable."

Read More:

• Ohio University