Educause Breach Leads RoundupHashed Passwords Affected
In this week's breach roundup, the not-for-profit association Educause has alerted all of its website users to change their passwords after a breach. Also, Crescent Healthcare, a Walgreens Company, has notified an undisclosed number of individuals of a security breach.
See Also: The Global State of Online Digital Trust
Breach Affects Educause Users
Educause, a not-for-profit association of IT leaders and professionals working to advance higher education, has alerted all of its website users to change their passwords after a breach affected user profiles.
Compromised information includes users' names, titles, e-mail addresses, usernames and hashed passwords. All passwords have been deactivated and individuals need to create new ones, the organization said.
Other compromised information may include hashed passwords of .edu domain holders, although it's unclear how many. Educause is the sole registrar for names in the .edu domain. Educause says designated administrative, technical or billing contacts for these domain holders must change their passwords.
The organization notified all individuals with active website profiles via e-mail on Feb. 19.
Walgreens Unit Reports Breach
Crescent Healthcare, a Walgreens company, has notified an undisclosed number of individuals of a theft incident involving sensitive information.
Crescent Healthcare manages and delivers integrated pharmacy and nursing solutions.
A spokesperson from Walgreens confirmed an unknown number of individuals accessed its billing center in Anaheim, Calif., on Dec. 28, 2012, without permission and stole certain desktop computer hardware and paper records containing certain employee, employee applicant and patient information. The spokesperson did not identify the types of information involved nor the number of individuals affected.
When Crescent Healthcare discovered the incident on Dec. 31, 2012, it contacted law enforcement, filed a police report and launched an investigation into the incident.
As a result of the breach, Crescent Healthcare says it has taken steps to enhance its security policies and procedures.