Establishing Digital Trust: Don't Sacrifice Security for Convenience
The University of North Carolina Wilmington (UNCW) recently discovered that a university server had been breached, providing attackers with access to the names, addresses and Social Security numbers of an undisclosed number of UNCW students and employees (h/t Softpedia).
Those affected include people employed at UNCW as of March 2014, including part-time employees, full-time employees, graduate students and adjunct instructors, as well as people who took a foreign language placement test at UNCW between 2002 and 2006.
"Although personally identifiable information was exposed when the server was attacked, we have no evidence that the personal data or the associated Social Security numbers were accessed by the perpetrator of this attack, or that fraud has been committed utilizing the exposed information," the university said in a statement.
Following the breach, the university removed the file from the affected server, ensured that all server operating systems were current, ensured that all vendor applications were current, prevented upload access to Web application servers, increased frequency of scans to identify unauthorized access issues, deployed software to identify personal identifying information (PII) on university servers, and moved existing software applications to separate servers with improved security measures.