UNCG Suffers a Computer Virus Infection

University of North Carolina at Greensboro (UNCG), USA discovered a security breach on its computer on December 11, 2008 owing to a virus.

The university's IT experts said that discovered evidences indicate that a Trojan.dropper virus had infected the workstation in April 2008. However, for eight months, no reports of identity theft came into notice. After receiving reports of virus in the system, the university authorities said that the technicians had instantly started to analyze the malware.

According to the security experts, the virus isn't designed to be controlled remotely as well as does not mine data of its own. Rather, it downloads other malicious programs on the system for stealing data, but there are no clues to suggest that these programs were downloaded, the specialists at UNCG said.

Meanwhile, technicians still do not know how the system got infected with the particular virus or if any personal data is stolen.

The news reports said that the malware was installed on the PC of the university's Accounting Services office that held payroll data. According to the authorities, a total of 275 people comprising 50 students and 225 employees might have been affected as a result of the security breach although previously the number was assumed to be 2,500.

They said that people who are still at risk might have experienced the theft of their names and social security numbers. Meanwhile, the university alerted all students and staff members of the breach over e-mail.

Authorities also stated that UNCG was doing everything necessary to ensure the safety of the business and personal information of the staff members. In a joint e-mail, Vice-chancellor for IT Jim Clotfelter and Vice-chancellor of business affairs Reade Taylor said that while they were anxious about any potential loss of confidential data, they were relieved to know that the extent and possibility of data leakage was smaller than actually thought, as reported by news-record on January 28, 2009.

After the incident, the university informed the three important credit-reporting companies - Experian, Equifax and TransUnion as well as the consumer protection unit of the state Attorney General of the computer breaches.

» SPAMfighter News - 2/12/2009