TRENDING:

Educause Breach Leads Roundup

Hashed Passwords Affected Jeffrey Roman (gen_sec) • February 28, 2013    
Educause Breach Leads Roundup

In this week's breach roundup, the not-for-profit association Educause has alerted all of its website users to change their passwords after a breach. Also, Crescent Healthcare, a Walgreens Company, has notified an undisclosed number of individuals of a security breach.

See Also: Are You APT-Ready? The Role of Breach and Attack Simulation

Breach Affects Educause Users

Educause, a not-for-profit association of IT leaders and professionals working to advance higher education, has alerted all of its website users to change their passwords after a breach affected user profiles.

Compromised information includes users' names, titles, e-mail addresses, usernames and hashed passwords. All passwords have been deactivated and individuals need to create new ones, the organization said.

Other compromised information may include hashed passwords of .edu domain holders, although it's unclear how many. Educause is the sole registrar for names in the .edu domain. Educause says designated administrative, technical or billing contacts for these domain holders must change their passwords.

The organization notified all individuals with active website profiles via e-mail on Feb. 19.

Walgreens Unit Reports Breach

Crescent Healthcare, a Walgreens company, has notified an undisclosed number of individuals of a theft incident involving sensitive information.

Crescent Healthcare manages and delivers integrated pharmacy and nursing solutions.

A spokesperson from Walgreens confirmed an unknown number of individuals accessed its billing center in Anaheim, Calif., on Dec. 28, 2012, without permission and stole certain desktop computer hardware and paper records containing certain employee, employee applicant and patient information. The spokesperson did not identify the types of information involved nor the number of individuals affected.

When Crescent Healthcare discovered the incident on Dec. 31, 2012, it contacted law enforcement, filed a police report and launched an investigation into the incident.

As a result of the breach, Crescent Healthcare says it has taken steps to enhance its security policies and procedures.

Previous
New Threats, New Firewall
Next
Staffing: Supply vs. Demand

About the Author

Jeffrey Roman

Jeffrey Roman

News Writer, ISMG

Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.



Around the Network

Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations
Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear
Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats
How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity
Properly Vetting AI Before It's Deployed in Healthcare
Properly Vetting AI Before It's Deployed in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.asia, you agree to our use of cookies.