Hacked UMaine server leads to exposed personal data

Sensitive data belonging to people who made web-based purchases at the University of Maine's (UMaine) Orono Campus may have been stolen after the school's server suffered a security breach.

How many victims? 3,825

What type of personal information? Social Security and credit card numbers.

What happened? One of UMaine's servers was hacked, exposing the personal information of 2,818 customers who made online purchases using a web-based tool hosted by the school.

What was the response? Local, state and federal authorities are currently investigating the situation and are working with an identity protection firm to notify individuals whose information has been compromised. Those affected will receive free identity protection, including credit monitoring, for one year.

Details: The web-based application used by customers, developed by UMaine's Computer Connection store, was licensed to share with the University of Arkansas, which was believed to have had up to 1,007 transaction records on the server. Officials at the school became aware of the breach after reading an article online posted by a gang of hackers known as Team GhostShell. They notified UMaine on April 27 and the server was promptly shut down.

Quote: “Any time these attacks occur anywhere in the world, it heightens our awareness and vigilence,” said Janet Waldron, vice president for finance and administration at UMaine.