January 10, 2013

UNC cancer center servers attacked to expose info of 3.5K

Attackers compromised the servers of a North Carolina cancer center to expose the sensitive information of thousands of employees, educators and contractors.  

How many victims? About 3,500, mostly employees, contractors and visiting lecturers.

What type of personal information? Social Security and passport numbers.

What happened? In May, it was discovered that two servers at the Chapel Hill, N.C.-based UNC Lineberger Comprehensive Cancer Center were hacked. They contained administrative files.

What was the response? After the incident was discovered, the health care facility took immediate steps to secure the data on the servers, but waited until late December, more than six months later, to notify those affected by letter. Officials cited an ongoing investigation as reason for the delay.

Quote: “Despite our investigation, however, we are unable to say for sure whether your personal information was accessed by an unauthorized person as a result of this incident,” Shelley Earp, the center's director, wrote in a letter dated Dec. 26. “Even if your personal information was accessed, we have no way to know whether it has been or will be misused.”

Source: www.chapelhillnews.com, The Chapel Hill News, “UNC cancer center computers hacked,” Jan. 4, 2013.

Previous Post
Next Post
Related Articles
Related Topics
Related Links
close

Next Article in The Data Breach Blog

Advertisement

How to Prevent Insider Threats!

POLL

More in The Data Breach Blog

Hackers raid Washington state court system to steal 160,000 SSNs, 1M driver's license numbers

Hackers raid Washington state court system to steal ...

After the public website of the Washington state Administrative Office of the Courts was compromised in February, an investigation revealed the severity of the breach in April.

Personal California birth records found in "unsecure" location

The California Department of Public Health announced that the data included names, addresses, Social Security numbers, and medical information.

Investment regulator loses portable device containing personal data

Although the specifics of the lost information is unknown, the Investment Industry Regulatory Organization of Canada has announced that 52,000 clients of 32 brokerage firms have been affected.