University of North Carolina at Chapel Hill

UNC-Chapel Hill Data Breach affects 6000 people

December 15th, 2013

The University of North Carolina at Chapel Hill is a coeducational public research university located in Chapel Hill, North Carolina, United States. It is the second largest university in North Carolina.

According to UNC-Chapel Hill an online data breach of personal information affects more than 6,000 people, officials are investigating

As the files went online, they contained information belonging to some current and former employees, vendors, and students. Information contained names and Social Security or Employee Tax Identification numbers, and in some instances, addresses and dates of birth.

An information technology manager in the UNC Division of Finance and Administration was informed that some electronic files managed by the Division of Facilities Services became accessible on the Internet.

When university officials learned about the incident, they took steps to block access to the files and began an extensive investigation and the records are no longer accessible on the Internet.

the university began notifying affected individuals by mail.

The university also learned that as part of Google’s automated processes, these files were copied and made publicly accessible. The university asked Google to take the records down immediately, and Google complied.

UNC worked with a consultant to identify potentially affected individuals as soon as it had been confirmed that their personal information was included in the files.

in the notification letter sent to the affected people, Kevin Seitz, interim vice chancellor for finance and administration said “Other than Google’s activities described above, we have not been able to determine whether individual personal information was accessed by others or was misused as a result of this incident”.

“Please be assured that we continue to evaluate our computer and administrative systems and to implement appropriate measures to protect the sensitive information in our possession.”

According to Chris Kielt, vice chancellor for information technology, the university’s prompt, aggressive action underscores its commitment to protect sensitive data. Making sure the files were secured and notifying the affected people as quickly as possible were top priorities, he said in a statement.

To help protect personal information stored on campus servers, Information Technology Services (ITS) has a process in place for regularly scanning servers that have been identified by a unit’s system administrator as storing sensitive data.

“Furthermore, as part of a broader initiative to address the risk imposed by the exposure of sensitive data, ITS is working to formalize the process for identifying and safeguarding sensitive data university-wide,” he said.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta