North Carolina Colleges Library System Breached
Quick Facts
- Date: 12/17/2009
- Institution: Alamance Community College, Beaufort County Community College, Bladen Community College, Blue Ridge Community College, Brunswick Community College, Central Carolina Community College, College of The Albemarle, Gaston College, Halifax Community College, Haywood Community College, Johnston Community College, Lenoir Community College, Martin Community College, Nash Community College, Pamlico Community College, Piedmont Community College, Richmond Community College, Roanoke-Chowan Community College, Rowan-Cabarrus Community College, Sandhills Community College, Southwestern Community College, Tri-County Community College, Vance-Granville Community College, Wake Tech Community College, Wilson Community College
- Type of Incident: Penetration
- Number Affected: 51,000
- Source: DataBreaches.Net
- Abstract Source: NC Community Colleges Press Release (PDF)
Abstract
The North Carolina Community Colleges system began notifying library patrons from 25 NC community colleges after a unauthorized individual gained access to a system housing patron data. The affected server, located in the NC Community Colleges System Office, was found to contain the personal information on 51,000 individuals including 12,400 Drivers License number and 38,500 Social Security numbers. The breach appears to have occurred on August 23, 2009 and NC Community Colleges staff became aware of the breach on August 24, 2009. An initial review discovered that 18 colleges used the Drivers License information to identify patrons. These colleges include Alamance, Beaufort, Blue Ridge, Brunswick, Central Carolina, College of The Albemarle, Gaston, Halifax, Johnston, Martin, Pamlico, Piedmont, Richmond, Rowan-Cabarrus, Tri-County, Vance-Granville, Wake Tech and Wilson. On October 19, 2009, the ongoing investigation uncovered that 12 colleges used Social Security numbers to identify patrons. these colleges include Bladen, Haywood, Lenoir, Nash, Pamlico, Richmond, Roanoke-Chowan, Sandhills, Southwestern, Tri-County, Vance-Granville and Wilson. The letters sent to those affected inform the individuals whether their Drivers License number or Social Security number (or both) were on the server and the letters contain information on how to check and secure credit profiles. NC Community Colleges are working to ensure that all personal data is removed from library systems to help prevent this incident from occurring in the future. The press release did not give a reason for the long delay in notification.
- Alamance Community College
- Beaufort County Community College
- Bladen Community College
- Blue Ridge Community College
- Brunswick Community College
- Central Carolina Community College
- College of The Albemarle
- Gaston College
- Halifax Community College
- Haywood Community College
- Johnston Community College
- Lenoir Community College
- Martin Community College
- Nash Community College
- Pamlico Community College
- Piedmont Community College
- Richmond Community College
- Roanoke-Chowan Community College
- Rowan-Cabarrus Community College
- Sandhills Community College
- Southwestern Community College
- Tri-County Community College
- Vance-Granville Community College
- Wake Tech Community College
- Wilson Community College
- 2009
- DataBreaches.net
- Penetration
- Personally Identifying Information
- Social Security Numbers