NC: WCU ID security breached

[lyger <lyger () attrition org>]

http://www.citizen-times.com/apps/pbcs.dll/article?AID=/20080323/NEWS01/80322062

The news arrived by mail, and it was unsettling.

Someone had hacked into a computer and had access to the Social Security 
numbers of 555 graduates of Western Carolina University who had signed up 
for a newsletter.

[.]

The compromised information was on a computer server managed by the 
Department of Business Computer Information Systems and Economics. And it 
was hacked several times, as long ago as 2006, said Bil Stahl, chief 
information officer at WCU.

"We know the data was taken off the server, but we don.t have any evidence 
that their data was used," he said.

Social Security numbers were included in the stolen information because up 
until last fall, campuses in the University of North Carolina system could 
use those digits as student identification numbers. While the practice was 
stopped then, old data on servers remains vulnerable.

[...]
_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml