A new article was recently published in Databreaches.net that calls for a congressional inquiry of the MCCCD security breach. The breach at MCCCD exposed the identity of 2.5+ million people for life. It could have been avoided as clearly shown in this timeline of events.
The MCCCD administration was warned multiple times by their employees and members of the community. They chose to ignore all warnings and scapegoat employees. Even at this juncture, MCCCD may still be at risk as disclosed in recent Governing Board minutes. If the 2011-2013 warnings were not enough, the MCCCD Administration and Governing Board still refuse to meet with employees and address remaining security issues presented to them as recently as April 2014.
In a recent development, the FTC has file a complaint against Wyndham Hotels for failure to protect consumer personal information. The MCCCD security breach is much larger than the Wyndham case and it goes to show that when it comes to consumer protection and privacy of information it does not matter whether an organization is private or public.
MCCCD is now dealing with a $6.25 billion class action lawsuit, the threat of potential bankruptcy, disgusted Board Members, future issues with bond ratings, employee attrition, drop in enrollment worth millions, stonewalling of the media, damage to its reputation in the community and millions of taxpayer dollars being wasted in lawyers. Whether education or private sector, a security breach is a security breach. If the FTC plans to hold those in private industry accountable, they should do the same in all industries.