UNC Charlotte: 350, 000 SSNs exposed in decade-long breach (fwd)

[security curmudgeon <jericho () attrition org>]

---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

https://www.computerworld.com/s/article/9227078/UNC_Charlotte_350_000_SSNs_exposed_in_decade_long_breach

By Jeremy Kirk
IDG News Service
May 10, 2012

Two issues exposed financial data and Social Security numbers for 350,000 
people, although it is thought the information has not been abused, the 
University of North Carolina at Charlotte said.

The university said in a statement earlier this week that it has fixed 
both problems, one of which lasted three months and the other more than a 
decade.

It blamed a system misconfiguration and incorrect access settings for the 
exposures, which also involved names and addresses of people who had done 
transactions with the university.

"The university has no reason to believe that any information from either 
of these incidents was inappropriately accessed or that information was 
used for identity theft or other crime," it said.

[...]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges. 

Tenable Network Security (http://www.tenable.com/)
Tenable Network Security provides a suite of solutions which unify real-time
vulnerability, event and compliance monitoring into a single, role-based, interface
for administrators, auditors and risk managers to evaluate, communicate and
report needed information for effective decision making and systems management.