- BlackBerry Storm vs. the iPhone
- Digg's Kevin Rose: "We have to do better"
- Blogger warns: "Nortel doesn't make it out alive"
- Financial quagmire bringing out the scammers
- Verizon plays with the wrong e-mail addresses
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:Application Performance Solutions | App Performance | Networking Solution | SafeGuard Enterprise Solution Center | SOA | Test your Web Filter | Value of WDS
The state of California has warned residents that their personal data may have been stolen from computers at the University of California, Berkeley, after a database used by researchers there was compromised by hackers.
The California Department of Social Services (CDSS) issued a media advisory on Tuesday, saying that the agency was working with the FBI to investigate an intrusion on a computer at Berkeley that contained personal information on around 1.4 million recipients and providers of In Home Supportive Services (IHSS), which provides home-care services to low-income elderly and disabled Californians. Names, addresses, telephone and Social Security numbers, as well as the birth dates for IHSS participants, could have been stolen by the malicious hackers, according to Carlos Ramos, assistant secretary at CDSS.
The state agency gave Berkeley the IHSS data, which was stored on a machine at the university, for research on the CDSS program. If stolen, the information could be used to fake the identity of IHSS recipients.
The compromise occurred on Aug. 1 and was discovered on Aug. 30 by Berkeley IT staff using intrusion detection software, Ramos said.
According to Ramos, investigators know a malicious hacker exploited a vulnerability in "commercially available database software" and compromised the computer, but they don't know if the attack was targeted, speculating that malicious hackers possibly discovered the system by scanning for machines running vulnerable versions of the database software.
While evidence indicates that none of the database's information has been misused, IHSS recipients were encouraged to obtain a credit report and make sure that they were not identity theft victims, the CDSS said in a statement.
A database of personal information on elderly and infirm people would be an attractive target for identity thieves, who may lack the technical sophistication to defend themselves against identity theft, and may even be unaware the IHSS database stored their data, said Jonathan Bingham, president and founder at Intrusic, a Waltham, Mass., company that makes software for spotting suspicious activity on computer networks.
"You take somebody who's elderly and hasn't had experience with computer networks - they're not going to get it," Bingham said.
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment