News

Data breaches expose personal information

Within the past month, a number of organizations in different sectors have been the victims of data breaches. Many of these events exposed the personal information of those associated with the groups, including data belonging to employees, students and patients. These instances highlight the need for improved security protections including SSL certificates and encryption.

University of Maryland breach
In late February, the University of Maryland came forward to report a data breach affecting the personal information of more than 300,000 staff members and students as part of a "sophisticated" cyberattack, according to CNET. In total, 309,079 individuals were impacted by the breach, which compromised Social Security numbers and birth dates of people from both the College Park and Shady Grove university campuses.

The breach exposed the sensitive personal data of individuals connected with school more than 10 years ago, as the affected database housed content related to students and faculty dating back to 1998. However, university president Wallace Loh noted in his apology that these persons' financial, academic or contact information was not compromised during the attack, CRN stated. Loh also said the institution recently bolstered its security, and will now look to strengthen protections even more.

"We recently doubled the number of our IT security engineers and analysts," Loh wrote in an apology to the university community. "We double our investments in top-end security tools. Obviously, we need to do more and better, and we will."

Internal Revenue Service breach
An employee utilizing an unencrypted USB drive caused the personal information of approximately 20,000 IRS employees to be compromised. According to eSecurity Planet, the individual took the portable drive home, which contained the affected personal data, and plugged it into an unsecured home workstation connected to the Internet. 

Although this event just recently came to light, IRS official said the actual occurrence happened in 2007 or earlier, and there are no signs the information has been used inappropriately. Still, a large amount of content may have been compromised by the employee's actions, including workers' Social Security numbers and home addresses of individuals in Pennsylvania, New Jersey and Delaware. These employees are currently being notified.

"This incident is a powerful reminder to all of us that we must do everything we can to protect sensitive data – whether it involves our fellow employees or taxpayers," said IRS commissioner John Koskinen.

University of California clinic breach
A recent data breach at the University of California at San Francisco has officials notifying more than 9,000 people that their information was compromised, according to CBS. The breach occurred after administrators discovered the theft of several desktop computers from a clinic associated with the university.

The workstations were taken from UCSF Family Medical Center at Lakeshore on Jan. 11. After investigating the event, analysts concluded that affected data included patients' names, birthdates, addresses, medical record numbers, health insurance ID numbers and driver license numbers. Additionally, more than 100 files on the stolen hardware also had Social Security numbers.

Officials are currently sending notifications to the 9,986 affected by the breach, and have also reported the event to the state department of health, the state attorney general and federal officials. These individuals are being offered assistance and information on how to deal with the implications of the event. Those whose Social Security numbers were compromised are also being offered credit monitoring services.

Bolstering information security
While many organizations leverage monitoring to oversee network and device activity, there are several other technologies that can be used to better protect individuals' sensitive data. For example, firms can utilize SSL certificates for content encryption, which makes safeguarded materials indecipherable to any unauthorized third parties.

Protect data in transit with an SSL certificate today. 

corporate office

Thawte
The Gateway
Century Lane
Century City, 7441
Cape Town
South Africa

Postal Address:
P O Box 15986
Panorama 7500
Cape Town
South Africa

Call: +353 1 793 9141
Fax: +27 21 819 2950

Buy now! Try now!