A state college in Denver believes it may have lost sensitive information on more than 93,000 students after one of the school’s laptop computers was stolen from an employee’s home late last month.The unnamed employee of Metropolitan State College had been using the information, including student names and Social Security numbers, to write a grant proposal, the college said Thursday. The data, which appears to have been unencrypted, was also being used by the employee to write a master’s degree thesis, the school said. The laptop was stolen on Feb. 25, but Denver police asked the school to wait until March 1 to go public with news of the theft to help with the ongoing investigation. Students who registered for Metropolitan State courses between the 1996 fall semester and the 2005 summer semester are now being notified of the incident via letter, the college said.Although there is no evidence that any of this data has been used for identity theft, there are a number of unanswered questions related to the incident. One question is whether the sensitive information was actually stored on the computer at the time of the theft, according to college President Stephen Jordan. “The employee does not recall whether he had deleted those files from the laptop,” he said in a statement.A second question is whether the employee should have been storing this type of data outside of school premises for the purposes of a master’s thesis. The college is “investigating whether the employee had obtained permission … to use the data in his thesis,” the college said. The college is now reviewing its policies regarding laptops, particularly related to unencrypted information, Jordan said.The college website includes tips on avoiding laptop theft, and on preventing stolen information from being used following such an event.The college did not immediately return calls seeking comment for this story on Friday.For related coverage, read Ore. Health Data Breach Results in Loss of 4 Jobs and When the Dike Breaks: Responding to the Inevitable Data Breach.Keep checking in at our CSO Security Feed page for updated news coverage. -Robert McMillan, IDG News Service Related content news Okta launches Cybersecurity Workforce Development Initiative New philanthropic and educational grants aim to advance inclusive pathways into cybersecurity and technology careers. By Michael Hill Oct 04, 2023 3 mins IT Skills Careers Security news New critical AI vulnerabilities in TorchServe put thousands of AI models at risk The vulnerabilities can completely compromise the AI infrastructure of the world’s biggest businesses, Oligo Security said. By Shweta Sharma Oct 04, 2023 4 mins Vulnerabilities news ChatGPT “not a reliable” tool for detecting vulnerabilities in developed code NCC Group report claims machine learning models show strong promise in detecting novel zero-day attacks. By Michael Hill Oct 04, 2023 3 mins DevSecOps Generative AI Vulnerabilities news Google Chrome zero-day jumps onto CISA's known vulnerability list A serious security flaw in Google Chrome, which was discovered under active exploitation in the wild, is a new addition to the Cybersecurity and Infrastructure Agency’s Known Exploited vulnerabilities catalog. By Jon Gold Oct 03, 2023 3 mins Zero-day vulnerability Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe