Establishing Digital Trust: Don't Sacrifice Security for Convenience
The University of Maine recently stated that hackers had breached a university server, resulting in the possible exposure of as many as 1,175 Social Security numbers and 435 credit card numbers.
"John Gregory, executive director of Information Technologies at UMaine, said Thursday that the Computer Connection, the computer store involved in the breach, primarily serves the Orono campus," The Kennebec Journal reports. "It is possible that students from other campuses, including the University of Maine at Augusta, could purchase computers from there, but Gregory said it wouldn't make up a large part of the store's business."
The server also provided services to a computer store at the University of Arkansas, potentially affecting over a thousand customers there as well. "However, university officials are continuing to investigate the matter and believe that once it completes its analysis, the actual number of affected customers will be smaller," according to a University of Arizona press release. "At this time, a review shows that seven customers’ complete credit card numbers were located in the breached data server, with one customer being a unit of the university. Significantly, no security codes or other sensitive authentication data were stored on the server for any customers, officials said."
"The Maine State Police Computer Crimes Unit, FBI, UMaine police and information technology staff at the University of Maine System and its flagship campus are investigating the server security breach," writes Bangor Daily News' Nick McCrea. "Investigators are working with AllClear ID’s Identity Protection Network to notify affected customers."https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
"The University of Maine also experienced a computer security breach in 2010, when hackers allegedly accessed personal data of an estimated 4,585 students from the campus Counseling Center," Mainebiz reports. "Forensic analysis ultimately revealed that no personal data was uploaded or shared."