Cal Berkeley health data breach affects 160,000
Monday, May 11, 2009
The University of California-Berkeley on Friday acknowledged that hackers breached a database of the university's health system records, including 160,000 names and Social Security numbers.
UC Berkeley said it was notifying the people affected about possible identity theft or fraud, but the initial data theft may have occurred months before the university's IT security administrators caught on.
The server breach began on October 9, 2008 and continued until April 9, 2009, when campus network security administrators found messages left by the hackers, according to the university's website.
The databases breached by hackers contained health insurance information and "non-treatment medical information," such as immunization records and names of physicians patients may have seen, the university said.
Investigators believe the attack was launched by hackers based overseas - who accessed a public website and bypassed security to access databases stored on the same server.
The victims of the cybertheft are current and former UC Berkeley students, as well as their parents and spouses who had UHS health care coverage dating back to 1999; and some Mills College former and current students back to 2001.
"UC Berkeley administrators pointed out that the hackers fortunately did not access University Health Services's (UHS) medical records, which include patients' diagnoses, treatments and therapies," wrote Janet Gilmore, a university media relations spokesperson.
Related News:
Password security a tall order for many web users - 1.22.2010
A recently released study from tech researcher Imperva showed that the most popular password among users whose accounts were compromised in the recent RockYou data breach was as follows: 123456.
Facebook fixes "wrong friends list" mobile network security glitch - 1.22.2010
CNET reports that social media network Facebook has repaired a problem in the mobile version of its service that caused some mobile users to have full access to the friends lists of unassociated users.
Automated phishing scam hits bank customers - 1.14.2010
Phishing attacks do not target victims exclusively via email, experts say, pointing to a recent rash of automated phone calls that attempted to convince victims to give up sensitive banking information.
Scammers ride aftershocks of Haiti catastrophe - 1.14.2010
The Federal Bureau of Investigation has issued a warning to those who want to contribute to earthquake relief efforts in Haiti, saying that cyber criminals and other types of scam artists are trying to take advantage of an outpouring of humanitarian support.
Banking Trojans finding new vector with fake Outlook alerts - 1.11.2010
A spurious alert purporting to come from Microsoft Outlook has cropped up in recent weeks, according to a maker of email filtering software.
|
