State Health Dept. Breach Leads Roundup
Hackers Compromise Info on 50,000 IndividualsIn this week's breach roundup, the Michigan Department of Community Health is notifying nearly 50,000 individuals that their personal information may have been compromised after hackers accessed computers hosting the Michigan Cancer Consortium website. Also, the University of South Carolina is notifying 6,300 students that their personal information may be compromised after a laptop was stolen.
See Also: Are You APT-Ready? The Role of Breach and Attack Simulation
Hackers Compromise State Health Website
The Michigan Department of Community Health's cancer section was utilizing a password-protected portion of the Michigan Cancer Consortium website, hosted by a private company, to post cancer test reports, according to a statement provided by an MDCH spokesperson.
Hackers were able to access a portion of the website, but it's unknown if the reports were accessed, the spokesperson said.
The compromised information includes names, birth dates, Social Security numbers, testing results and testing dates.
Impacted individuals were notified of the breach and were provided information about protecting against identity theft, the MDCH spokesperson said. It's unclear whether the department is providing impacted individuals with complimentary credit monitoring services.
Stolen Laptop Impacts 6,300 USC Students
The University of South Carolina is notifying 6,300 students that their personal information may be compromised after a laptop was stolen from a locked room in the Physics and Astronomy department.
Compromised information includes Social Security number, e-mail and full name, according to USC's notification letter.
The laptop was used for testing purposes, according to a spokesperson from the university. "It is not known if the information for all of those potentially impacted was still on the computer," the spokesperson said.
Impacted individuals are being offered complimentary credit monitoring services for one year.
The university is in the early stages of implementing a system-wide effort to improve IT security, according to the spokesperson.
Game Developer Asks Users to Reset Passwords
Video game developer Ubisoft is recommending all of its users change their passwords after one of its web sites was exploited, allowing for unauthorized access to some of its internal online systems.
Upon conducting an investigation, Ubisoft discovered that data was illegally accessed from its account database, including user names, e-mail addresses and encrypted passwords, according to a statement from an Ubisoft spokesperson.
No personal payment information was compromised, the spokesperson said.
"Ubisoft's security teams are constantly exploring all available means to expand and strengthen our security measures against such criminal activities in order to better protect our customers," the spokesperson said.