Search results for:
Tags: attackers, attacks, cloud hosting, Cloud Server Hosting, credit card information, Cyber Crime, data center security, dedicated hosting, hackers, hacking, Hostwinds, information technology, internet, malicious software, networking, networks, passwords, private communications, security, servers, technology, web hosting, web site, world wide web
The University of California in Irvine recently announced that "a hacking program that records the keystrokes of computer users_" was discovered on three computers in one of their facilities, according to an article published on the AllGov California website. The report indicates that this program lived on workstations at the Student Health Center for "_six weeks_" and authorities estimate that it "_may have captured the personal data of approximately 1,800 students and 23 non-students."
The article confirmed that the breach was initially reported on May 14 by PHIprivacy.net. In response to the report, J. Patrick Haines, Executive Director of the Student Health Center, notified "potentially affected parties_" by letter advising that "_the malware was active between February 14 and March 27 and transmitted the data to unauthorized servers outside the UC network", according to the article. Those notified were advised, according to the report, that the compromised information may include "names, unencrypted medical information, student ID numbers, non-student patient ID numbers, mailing addresses, telephone numbers, amounts paid for health center services, and bank and check information for aforementioned expenditures."
According to the article, the center director stated, "We do not indicate that the data have been fraudulently used_" but noted that the university had been notified by the California Information Security Office in the California Department of Technology (CDT) regarding the breach on March 27 but gave "_no explanation how they became involved." In addition, University authorities could not confirm what type of "_keylogger_" was used in this attack or if any "_employee system login credentials_" were compromised during the event. Confirmation of these details would be helpful to accurately gauge the effect of this event and allow authorities to measure its possible aftermath.
Written by Bryon Turcotte / May 23, 2014