CyberInsecure.com

Daily cyber threats and internet security news alerts
May 31st, 2008

Movie Sharing Program Causes A Security Breach In University Of California San Francisco

During routine University of California San Francisco (UCSF) monitoring of the campus computer network on January 11, 2008, UCSF discovered unusual data traffic on one of its computers. The investigation was completed this month and shows that an unauthorized movie-sharing program had been installed on this computer on or about December 2, 2007, by an unknown individual. The computer also held personal patient information of 3569 patients of Pathology and Laboratory Medicine. Installation of this program required high-level system access, which is why the incident is considered a security breach.

The University of California San Francisco alerted the group of patients that it has discovered a security breach after immediately removing the computer from the network to prevent further access. There is no indication that any patient files were accessed. According to UCSF, the administration takes this situation very seriously and is therefore responding with the highest level of caution and concern.

UCSF conducted a thorough investigation into the incident to assess how this breach occurred and whether any patient information may have been compromised. The data included information such as patient names, dates of pathology service, health information and, in some cases, social security numbers. The Department of Pathology has notified 2,625 UCSF patients whose information was contained on the computer. The files also included 944 patients whose tissue samples had been referred by other health care providers to UCSF for analysis.

A top-level task force has been created to improve the system of controls to protect patient information and other sensitive data. This task force is composed of campus leadership and is chaired by Executive Vice Chancellor and Provost Eugene Washington.

UCSF has established a special phone line (415) 353-7427 and a special email address PathHotline@ucsf.edu to answer questions from patients who received notification letters informing them about this recent breach.

Email, Bookmark or Share:
  • E-mail this story to a friend!
  • Digg
  • del.icio.us
  • StumbleUpon
  • Reddit
  • Technorati
  • Slashdot
  • Propeller
  • Google
  • Live
  • YahooMyWeb
  • TwitThis
  • Facebook
  • LinkedIn
More on CyberInsecure:
  • University Of California At San Francisco Patients Records Exposed
  • New Fake News Email Attack Circulating
  • Apple Patches Serious Security Flaws In QuickTime 7.5.5
  • Asprox Botnet Mass Attack Hits Governmental, Healthcare, and Top Business Websites
  • Columbia University Students Private Details Available On Google-Hosted Website For 16 Months

    • Posted in Data Theft, Privacy | Print This Post Print This Post

    This entry was posted on Saturday, May 31st, 2008 at 10:46 am and is filed under Data Theft, Privacy. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Movie Sharing Program Causes A Security Breach In University Of California San Francisco

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
    Click to hear an audio file of the anti-spam word

    « « Hackers Have Cracked N-Gage Application, Alowing It To Run Pirated Games On Other Devices
    Computers Storing Personal Data Breached At Pocono Mountain School District » »