The University of California in Irvine recently announced that “a hacking program that records the keystrokes of computer users” was discovered on three computers in one of their facilities, according to an article published on the AllGov California web site. The article indicates that this program lived on workstations at the Student Health Center for “six weeks” and authorities estimate that it “may have captured the personal data of approximately 1,800 students and 23 non-students.”
The article confirmed that the breach was originally reported on May 14 by PHIprivacy.net. In response to the report, J. Patrick Haines, Executive Director of the Student Health Center, notified “potentially affected parties” by letter advising that “the malware was active between February 14 and March 27 and transmitted the data to unauthorized servers outside the UC network”, according to the article. Those notified were advised, according to the article, that the compromised information may include “names, unencrypted medical information, student ID numbers, non-student patient ID numbers, mailing addresses, telephone numbers, amounts paid for health center services, and bank and check information for aforementioned expenditures.”
According to the article, the center director stated, “We have no indication that the data have been fraudulently used” but noted that the university had been notified by the California Information Security Office in the California Department of Technology (CDT) regarding the breach on March 27 but gave “no explanation how they became involved.” University authorities could not confirm specifically what type of “keylogger” was used in this attack or if any “employee system login credentials” were compromised during the event, according to the article. Confirmation of these details would be helpful to accurately gauge the effect of this event and allow authorities to measure its possible aftermath.