California's law affects any school that enrolls students from California that *might* have been affected by a data breach. What's the chances that a large school has zero students from California?Wouldn't it matter on which state? I know California for instance has strict laws about telling public of breaches, but not sure about other states. I will be calling the Attorney General of the the school's state tomorrow so should have a good answer.
I missed the first part of this lovely conversation, but I gather the IT department was non-responsive? Does the school have a computer security department? If so, have you contact them?
Feel free to contact me privately if you prefer. Paul Schmehl (pauls@xxxxxxxxxxxx) Adjunct Information Security Officer University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/
Attachment:
p7sNtHOMgcBJt.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/