The University of Florida last week disclosed that an unknown attacker gained access to a server in its College of Dentistry where hundreds of thousands of patient records were stored.
UF, one of the nation's largest universities, said the data breach involved records of about 330,000 current or former dental patients who have all been notified about the incident. Personal information on the compromised server included names, addresses, birth dates, Social Security numbers, and in some cases, dental procedure care information for patients dating to 1990.
The IT department's technical staff members discovered the server was compromised on Oct. 3 while upgrading the server. At that time, they found software that had been installed remotely, and disconnected the server to cut off access for the intruder. The server is now back online with what is said to be more stringent security controls.
The university says it's working with the FBI and the university police department to investigate the security incident further and has set up a hotline to take questions that patients might have.
"It's unfortunate that like many large institutions, we were targeted," said Teresa Dolan, dean of the UF College of Dentistry in a statement the university issued today. Charles Frazier, UF's interim CEO, said, "Our university, as with any university or college, is constantly under attack by people trying to find and exploit weaknesses in our IT security defense mechanisms."
This story, "University of Florida Discloses Data Breach" was originally published by Network World.