Across the Sooner State, students, faculty, and staff at the Oklahoma State University can rest a little easier after a server breach that hit over 70,000 individuals. Although the company IdentityTruth beat Lifelock to the punch on this one, it’s always reassuring to know that for-profit companies are willing to step in every now and then and help clean up the mess when it affects innocent people.

This particular breach affected people at OSU who had purchased parking and transit permits over the past six years. The data specifically included social security numbers, addresses, and names; fortunately the credit card records were kept protected. A stolen laptop, the start of all of this, exposed the records and personal data of 37,000 students, faculty and staff, and the university responded by transitioning most of its services to random 8-digit identifying numbers for students instead of using SSNs. However, the server used for the parking and transit services had not been updated and for that reason it was hit.

Although IdentityTruth jumped at this “opportunity”, I can’t help but wonder if those affected at Oklahoma State weren’t a little disappointed that the university didn’t come through with one of the larger, more experienced identity theft protection companies: Lifelock. Although IdentityTruth offers “$2 million dollars” in protective services, their actual services post-breach are substantially less impressive than Lifelock’s so although I’m sure it provides some sense of peace of mind for those left exposed, I’m not entirely convinced that provides a whole lot more than that.

From the Daily O’Collegian (the OSU student paper): “Even though personal data was exposed, there is no indication any of that information has been misused or any identity theft has occurred. OSU officials have removed the confidential information from the database.

“This breakdown in security is totally unacceptable,” said OSU President Burns Hargis. “We are conducting a full review and will take whatever steps are necessary to protect our network from unauthorized access. This is a serious matter and we will deal with it aggressively. We regret the circumstances and concern this situation has caused.” ”

Hopefully, IdentityTruth won’t have to work very hard for this one since it doesn’t appear that those affected are in a great deal of danger–and that’s good with their unproved services.