UNC data breach exposes 163,000 SSNs
School of Medicine at Chapel Hill hacked
Computerworld - The University of North Carolina at Chapel Hill on Friday began notifying about 163,000 women about the potential compromise of their Social Security numbers and other personal information after a hacker breached a system containing the data.
The breached server belonged to the UNC School of Medicine and contained information that was collected as part of a federally funded mammography research project. The system contained records on a total of 236,000 women, of which about 163,000 included Social Security numbers.
Matt Mauro, chairman of the university's Department of Radiology said the breach was first discovered in July when a researcher reported problems accessing the system. A subsequent investigation by the school's information systems staff revealed that the system had been hacked.
Though the breach was discovered in July, there are indications that the actual intrusion may have taken place as long as two years ago, Mauro said. "We think we found some viruses that date back to 2007," he said.
The breached server received information from 31 different sites across the state, Mauro said. When the breach was discovered, the system was taken offline immediately and has remained that way since July, Mauro said.
The sites that were sending the information to UNC have stopped doing so for the moment, while stronger precautions are implemented to prevent a similar breach in future, he said.
The reason that notifications have only just started going out is because UNC technology officials and an external forensic team have required time to piece together the extent of the compromise and to figure out exactly who may have been affected by it, Mauro said.
So far, investigations have revealed nothing to suggest that the persons responsible for the break-in have downloaded or modified the data in any way. "But you just don't know for sure. You have to be suspicious and you have to notify," he said.
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Infographic: Converged Infrastructure Benefits This Infographic quantifies the savings organizations are realizing from increased deployment speed, higher availability, and lower annual costs.
- CIOs Deliver Productivity Breakthroughs with Intelligent Digital Signage Retailers have long recognized the influence that digital signage provides over a shopper's point-of-purchase decision making process.
- Going Paperless? Here's What You Need to Think About As makers of some of the world's most popular PDF solutions, we often consult with businesses & governmental agencies that have the goal...
- The Big Data Opportunity for HR and Finance If CEOs, CFOs, CIOs, and CHROs want to drive their businesses forward, they will need to quickly recognize the enormous value of big...
Enhance Your Virtualization Infrastructure With IBM and Vmware
Date: Wednesday, May 14, 2014, 1:00 PM EDT
Virtualization technology is now expanding beyond the server compute elements to encompass networking and storage...
Transforming Finance, Procurement and Supply Chain Effectiveness with Cross-Functional Analytics
Date: May 6th, 2014
Time: 1 PM EDT
Attend this Webcast to find out how Oracle's packaged analytic applications enable line-of-business managers to examine all...
All Cybercrime and Hacking White Papers |