Remember that breach that the University of North Carolina at Charlotte disclosed back in February? Well, they’ve finally released some details and it’s a doozy. Chris Dyches reports:
An investigation into the incident shows that financial account numbers and approximately 350,000 social security numbers were included among the exposed data.
The exposure has been remediated, officials say, and the University is acting to alert people who may have been affected by this exposure.
[…]
Due to a system misconfiguration and incorrect access settings, a large amount of electronic data hosted by the University was accessible from the Internet.
There were two exposure issues, one affecting general university systems over a period of approximately three months, and another affecting the University’s College of Engineering systems over a period exceeding a decade.
Read more on WBTV.
Remember when UNC-Chapel Hill tried to fire a professor whose mammography research database was hacked? They demoted her instead, but to a lot of people, their response seemed harsh and inappropriate. Now we have two data breaches at UNC-Charlotte, one of which went undetected for over a decade, and these breaches affected more SSN than the mammography incident. So what will UNC do now?
And what, if anything, will the U.S. Dept of Education do in response to these breaches?