Keylogger malware found on three UC Irvine health center computers

Share this article:

More than 1,800 University of California (UC), Irvine, students, as well as nearly two-dozen non-students, are being notified that they may have had unencrypted personal information compromised after keylogger malware was discovered to have been on three Student Health Center (SHC) computers for about six weeks.

How many victims? An investigation is ongoing, but it is estimated that 1,813 students and 23 non-students were impacted. 

What type of personal information? Names, addresses, phone numbers, student ID numbers, non-student patient ID numbers, health and dental insurance policy ID numbers, bank names and check numbers for services paid by check, amount of payment received by SHC for services rendered, Current Procedural Terminology descriptions and codes, and ICD-9 codes and diagnoses.

What happened? The California Information Security Office (CISO) notified UC Irvine that one of the computers in the SHC had been infected by malware. An investigation then revealed that three computers had been infected with keylogger malware for about six weeks.

What was the response? The three infected computers were taken down from the network. SHC employees were required to change their passwords. A report was filed with law enforcement and an investigation is ongoing. Regularly performed campus-wide reviews of data security practices are being expanded and all SHC computers are being upgraded with anti-virus and other security programs. All impacted individuals are being notified and offered a free year of monitoring services.

Details: CISO notified UC Irvine on March 26 that one of the SHC computers contained malware. The infection lasted from Feb. 14. to March 27. The malware sent the unencrypted information to an IP address outside the UC Irvine network.

Quote: “We have no indication that the data [has] been fraudulently used,” according to a statement emailed to SCMagazine.com on Thursday.

Source: A statement emailed to SCMagazine.com on Thursday.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US

More in The Data Breach Blog

Malware on Breyer Horses website for about 18 months, payment card data ...

Malware installed on the computer server hosting the Breyer Horses website may have compromised personal information for people who made purchases between March 31, 2013 and Oct. 6.

Transcript website flaw exposed personal data on 98k users

NeedMyTranscripts.com expose users' names, addresses and dates of birth, among other information, due to a site flaw that one user discovered.

Sourcebooks payment card breach impacts more than 5,000 customers

More than 5,000 customers had personal information stolen, but roughly 9,000 notification letters were sent out as a precautionary measure.