BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Hackers Reportedly Access Thousands Of UNC-Lineberger Private Files

From: Erica Absetz <eabsetz () opensecurityfoundation org>
Date: Sun, 6 Jan 2013 22:54:13 -0500
http://chapelboro.com/Hackers-Reportedly-Access-Thousands-Of-UNC-Lineber/15197571

CHAPEL HILL-Thousands of people have had their private data publically
exposed, after hackers reportedly got into a server at UNC’s
Lineberger Cancer Center.

The Chapel Hill News reports that the victims found out shortly after
Christmas, when center director Dr. Shelley Earp sent out letters of
apology; center employees found out about the breach last spring.

The incident affected about 3,500 individuals, exposing information
such as their Social Security and passport numbers. In the letter,
Earp told the victims that authorities have no way to know whether the
data will be misused. The situation reportedly didn’t involve any
patient information, although it did involve a small number of people
who were subjects in research projects.

So far, no identity thefts have been reported; nonetheless all of the
victims have been encouraged to place fraud alerts or security freezes
on their credit cards.

A similar situation occurred in 2009, after hackers got into a server
that housed data from a UNC School of Medicine breast cancer study.
That incident affected 180,000 women and cost $250,000 to fix.
_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges. 

Tenable Network Security (http://www.tenable.com/)
Tenable Network Security provides a suite of solutions which unify real-time
vulnerability, event and compliance monitoring into a single, role-based, interface
for administrators, auditors and risk managers to evaluate, communicate and
report needed information for effective decision making and systems management.
Previous By Date Next
Previous By Thread Next

Current thread: