University admits to third data breach in three months
Computerworld - The University of Florida in Gainesville late last month disclosed that a breach discovered in January exposed personal data on 97,200 students, faculty and staffers who attended or worked at the school between 1996 and 2009.
The latest breach involved a 20-year-old server that hosted free e-mail services and online course offerings for faculty members, as well as Web sites for fraternities and sororities.
The intrusion was discovered during a routine systems review by the university's IT staff, said a spokeswoman. She said the hackers accessed names and Social Security numbers.
The school is notifying most of those affected by the breach, the spokeswoman said, adding that it does not have contact information for about 5,000 potential victims. It is also creating an IT task force charged with finding possible security issues "before they become problems," she said.
Meanwhile, the school said in November that the names, birth dates, Social Security numbers and addresses of more than 330,000 current and former College of Dentistry patients had been exposed in a computer intrusion discovered on Oct. 3.
And an undated statement now on its Web site says a configuration error in the school's LDAP directory server opened a path for hackers to access the personal data of about 100 people.
This version of the story originally appeared in Computerworld's print edition.
Read more about Security in Computerworld's Security Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts