An undisclosed number of employees, graduate students and adjunct instructors with the University of North Carolina Wilmington (UNCW) may have had personal information – including Social Security numbers – compromised after unauthorized access was gained to an applications server.
How many victims? Undisclosed. UNCW did not immediately respond to a SCMagazine.com request for this information.
What type of personal information? Names, addresses and Social Security numbers.
What happened? Unauthorized access was gained to a UNCW applications server, which could have enabled access to a database containing the information.
What was the response? UNCW removed the file from the server and notified state regulatory and law enforcement agencies. UNCW ensured all operating systems are current, ensured vendor applications are current, prevented upload access to the web application server, increased frequency of scans for unauthorized access, identified personal information contained in files stored on UNCW servers, and moved existing software applications to servers with improved security. All impacted individuals are being notified.
Details: Individuals employed by UNCW as of March 2014, including part-time and temporary employees, graduate students and adjunct instructors, were impacted, as well as individuals that took a foreign language placement test between 2002 and 2006.
Quote: “Although personally identifiable information was exposed when the server was attacked, we have no evidence that the personal data or the associated Social Security numbers were accessed by the perpetrator of this attack, or that fraud has been committed utilizing the exposed information,” a notification on the UNCW website said.
Source: uncw.edu, “Important Notice About Unauthorized Server Access,” April 29, 2014.