University of Maine student information exposed

Share this article:
Hackers recently gained access to a pair of file servers containing the personal information of University of Maine students who received counseling services at the school for the past eight years.

How many victims? 4,585.

What type of personal information? Names, Social Security numbers and clinical information.

Details: Every student who sought counseling services from the school's counseling center between Aug. 8, 2002 and June 21 of this year are affected, school officials said. Currently, it is unclear whether the data was viewed or downloaded.

The university's investigation began on June 16, after counseling center staff reported having trouble obtaining files on the server. The investigation revealed that one of the servers was compromised as early as March 4. After gaining access to the initial machine, the hackers infiltrated a second server.

The Maine Legislature also announced this week that one of its websites was hacked and infected with malware, IT officials said. The site, which details the status of bills, currently remains offline.

Both incidents likely are related.

Quote: "This sort of crime is in every way, shape and form an insidious affront to the rightful privacy expectations of our students," said University of Maine's Dean of Students Robert Dana.

What was the response? University of Maine police are leading an investigation into the hacking incident, along with federal prosecutors and computer crimes experts from the U.S. Secret Service. Affected individuals will receive a one-year subscription for credit monitoring services. In addition, the school is taking additional but unspecified steps to prevent future breaches.

Source: http://www.mpbn.net, The Maine Public Broadcasting Network, “Hackers Compromise UMaine Servers, Legislative Web site,” June 29, 2010.

Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in The Data Breach Blog

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US

More in The Data Breach Blog

About 60K transactions possibly affected in Cape May-Lewes Ferry breach

The security of card processing systems relating to food, beverage and retail sales at the Cape May-Lewes Ferry was compromised and payment card data may be at risk.

Arkansas State University-Beebe is investigating a potential breach

Arkansas State University-Beebe is notifying students and employees of a service running on one of its servers that could pose a potential breach to the system.

Unencrypted discs missing, Arizona State Retirement System notifies 44,000

Arizona State Retirement System notifies nearly 44,000 individuals enrolled in dental plans that two unencrypted discs containing their personal information are missing.