Quick Facts

• Date: 5/6/2011
• Institution: Central Oregon Community College
• Type of Incident: Penetration
• Number Affected: Unknown
• Source: ESI
• Abstract Source: KTVZ

Abstract
Central Oregon Community College recently notified users after taking the college's web site down following a two security breaches. According to notices sent by COCC officials, the web site was taken down on Wednesday and then again on Thursday following security breaches of the site on both days. While originally COCC did not believe any personal information was at risk, additional investigation showed the attacker(s) may have had accesses to 2011 COCC nursing program applicant data and 2012 COCC Foundation scholarship data. According to the notices sent to students in each of these groups, the applications did not contain credit card or Social Security numbers, but did contain email addresses and COCC ID numbers. According to the college, investigations are still ongoing to make sure no additional personal or sensitive information is at risk following the breaches. COCC is working with local and federal law enforcement during the investigation.

Quick Facts

• Date: 3/29/2011
• Institution: University of Regina
• Type of Incident: Penetration
• Number Affected: None
• Source: ESI
• Abstract Source: CBC

Abstract
The University of Regina recently announced that a security breach caused the university to shutdown its main web server. The breach appeared to effect only the web site. While the server was compromised university officials state that no confidential information was accessed by unauthorized individuals. Staff had corrected the problem causing the breach shortly after discovery.

Quick Facts

• Date: 3/11/2011
• Institution: Virginia Tech
• Type of Incident: Penetration
• Number Affected: 370
• Source: ESI
• Abstract Source: The Roanoke Times

Abstract
Virginia Tech recently notified a number of current and former employees after a computer virus may have exposed personal information. The infected computer, located in VT's controller's office, contained the names and Social Security Numbers of 370 current and former employees. The Zeus infection, which occurred on Feb 15, was discovered on Feb 23 during an audit of computers that store Social Security numbers. In the letters to those affected the university is offering 12 months of credit monitoring. According to VT spokesman Mark Owczarski, there have been no reports of identity theft relating to the breach.

Quick Facts

• Date: 3/9/2011
• Institution: University of Massachusetts Amherst
• Type of Incident: Penetration
• Number Affected: 942
• Source: ESI
• Abstract Source: Health Data Management
• Update1 Source: UMass Press Release

Abstract
The University of Massachusetts Amherst began notifying individuals on March 7 after an investigation concluded a breach placed protected health information at risk. The breach, which involved a malware infection on a workstation that could have allowed unauthorized access, involved the names, insurance information, medical record numbers, medication information, physician information, pharmacist information and prescription history of 942 UMass Amherst Health Center patients. UMass staff became aware of the breach on October 28, 2010 and launched an investigation that was finished on Feb 1, 2011. The investigation discovered that the breach initially occurred on June 30, 2010. When asked about the 60 day notification requirement, the university believes it is in compliance since the notification was made less than 60 days after the investigation was concluded. A UMass spokesperson said the university feels the best process is to advise individuals to monitor their accounts and credit reports for unauthorized activity and will not offer free credit protection. Internally, UMass has implemented several steps to help increase security including installing automated software to detect unauthorized activity, increased staff training and will improve the identification of personal information on departmental computers.

Update1
For more information, here is a link to the UMass Press Release.

Quick Facts

• Date: 3/7/2011
• Institution: University of Massachusetts Amherst
• Type of Incident: Penetration
• Number Affected: 942
• Source: DataLoss DB
• Abstract Source: Health Data Management, University of Massachusetts News Release

Abstract
The University of Massachusetts recently notified individuals after staff discovered malware on a computer containing protected health information. The computer, used in UMass's University Health Services, contained the names, health insurance company and medical record numbers on 942 UHS patients. In addition, the computer contained the prescription information, including medication, pharmacist, quantity, length of prescription and physician between Jan 2009 and Nov 2009 for these patients. The computer was originally infected in June 2010 and was corrected by the end of Oct 2010. A follow up investigation did not find any evidence that the protected health information was copied. In the letter, UMass officials advise affected individuals to monitor their health insurance information for any unusual activity but believes the likelihood of problems to be very low. UMass has responded to the incident by increasing training of UHS staff, installing automated software to discover malware infections and increasing efforts to discover protected information on desktops and workstations.