Data breaches can be costly, so executives need to
work together–and get staff up to speed
BY ED FINKEL
Just before the holidays, several high-ranking officials at San Juan College in Farmington, New Mexico, received urgent e-mails from the college president that said the president was in a meeting with fundraisers and needed them to hop online and buy $500 gift cards, scan the cards so their codes were visible and reply
with the scans attached.
Or at least the e-mails appeared to come from the president. In fact, the e-mail
address belonged to scammers who intended to use the gift card codes for their own
thieving purposes. Unfortunately, one of the recipients followed their instructions.
“Our president doesn’t send those kinds of messages,” says Edward DesPlas, executive
vice president at San Juan. Yet the recipient figured, “This is highly unusual, but if the
president wants it, they’re going to get it.” But others alerted the information technology
department, which sent out an e-mail asking people to ignore the requests. “This is an
anecdotal situation of something that was pulled off by dealing with human weakness,
and people’s desire to please the boss,” he says.
Community colleges aren’t quite as high on the list of hackers and scammers as
institutions like banks, hospitals and four-year research universities, yet the institutional and personal data stored on their servers and in the online cloud can be
C Y BER-SECUR E