Dave Hendricks reports:

Computers at two Ohio University campuses contained Social Security numbers that weren’t encrypted or protected from theft, internal auditors told university trustees in a meeting today.

[…]

The findings, which come nearly four years after hackers breached five university servers containing medical records and Social Security numbers, underscore the difficulty of locking down sensitive data at a large university. A researcher at Eastern Illinois University who tracks data breaches at colleges and universities documented 174 incidents in 2008, up nearly 25 percent from 2007.

To prevent another major security breach, OU President Roderick McDavis and Brice Bible, his technology chief, centralized control over university computers. The move comes amid a $40 million project to replace the university’s aging computer network and install a new student records system.

Read more in The Columbus Dispatch.