05 May 2014
The University of North Carolina Wilmington (UNCW) has suffered a data breach that may have exposed personal details of employees and staff, according to a notice by the institution.
The breached server contained a database with UNCW staff names, addresses and social security numbers. Details of graduate students, adjunct instructors and students who took a foreign language placement test between 2002 and 2006 were also stored on the server.
“UNCW does not believe that the unauthorized access constitutes a breach of personally identifiable information (information hacked for the purpose of misuse),” the announcement said. “Although personally identifiable information was exposed when the server was attacked, we have no evidence that the personal data or the associated social security numbers were accessed by the perpetrator of this attack, or that fraud has been committed utilizing the exposed information.”
The hackers somehow gained the password for an administrator account and used the server to host a phishing page.
The personal details of those in question have been removed from the breached server and the organization took steps to enhance their security. Law enforcement and all affected individuals have been notified about the incident.