BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

UNCG Discovers Health Information Security Breaches; 2,500 Being Notified

From: security curmudgeon <jericho () attrition org>
Date: Wed, 11 Aug 2010 01:26:14 -0500 (CDT)


---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.uncg.edu/ure/news/stories/2010/aug/breaches080910.htm

By University Relations
Contacts: Michelle Hines, (336) 334-3207
Lanita Withers Goins, (336) 334-3890

Posted 8-9-10

GREENSBORO, N.C. -- Computer security breaches at two UNCG clinics allowed 
unauthorized access to information about more than 2,500 individuals.

The university has mailed letters to the last known addresses of those 
whose personal information was exposed and posted notices on the clinics? 
websites. The two computers infected with malware via the Internet were in 
the university?s Speech and Hearing Center and Psychology Clinic.

Although the problems were discovered days apart in June, they are 
believed to be unrelated. Employees of the clinics and Information 
Technology Services have been working since then to determine what records 
were vulnerable and who might be affected. It is not known how long the 
breaches lasted before detection. Although it was determined that the 
malware would have allowed access to data on the computers, it is unknown 
whether any information was actually taken from the computers.

?It is our responsibility to secure the information of individuals who 
come to us for health services, and that is a responsibility we take very 
seriously? said David H. Perrin, provost and executive vice chancellor. 
?We apologize to everyone whose records were vulnerable and ask them to 
closely monitor their credit for unauthorized activity. We fixed the 
security breaches as soon as they were detected, and we have taken steps 
to minimize the potential for future breaches.?

[..]
_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php
Previous By Date Next
Previous By Thread Next

Current thread: