July 02, 2012

USC credit card data accessed in campus dining breach

The credit card numbers of an undisclosed number of students at the University of Southern California (USC) have been exposed.

How many victims? Undisclosed.

What type of personal information? Credit card numbers, though the university said no personally identifiable information was exposed.

What happened? A breach in a third-party software system that the university installed three years ago to process credit card transactions led to the exposure of data related to purchases made at a number of the campus dining establishments – including Ronald Tutor Campus Center, Seeds, the Lab on Figueroa Street and Starbucks on the health sciences campus.

What was the response? A letter was published Thursday on the university's website explaining that the breach occurred between May 21 (possibly earlier) and June 21. The university informed the vendor of the exposure and requested it take "appropriate corrective actions to secure its system."

The Los Angeles Police Department and USC's Department of Public Safety are investigating. The university is advising students to carefully check their credit card receipts going back months for anomalous activity.

Source: KABC-TV, Los Angeles, "USC warns of credit card security breach on campus," June 29, 2012


Previous Post
Next Post
Related Articles
Related Topics
Related Links
close

Next Article in The Data Breach Blog

Advertisement

How to Prevent Insider Threats!

POLL

More in The Data Breach Blog

Hackers raid Washington state court system to steal 160,000 SSNs, 1M driver's license numbers

Hackers raid Washington state court system to steal ...

After the public website of the Washington state Administrative Office of the Courts was compromised in February, an investigation revealed the severity of the breach in April.

Personal California birth records found in "unsecure" location

The California Department of Public Health announced that the data included names, addresses, Social Security numbers, and medical information.

Investment regulator loses portable device containing personal data

Although the specifics of the lost information is unknown, the Investment Industry Regulatory Organization of Canada has announced that 52,000 clients of 32 brokerage firms have been affected.