A hacker attack on the University of Massachusetts Dartmouth (UMass Dartmouth) exposed more than 75K students and staff, prompting a class action lawsuit over its failure to secure and safeguard data.
UMass, the public research university based in Dartmouth, has informed tens of thousands of individuals potentially impacted by what it calls a “data security event.” Information that UMass Dartmouth submitted to the Massachusetts Office of Consumer Affairs and Business Regulation reveals that over 75,000 people were impacted by the data breach.
“We deeply regret any inconvenience or concern this incident may cause and take this matter seriously,” David Gingerella, the uni’s vice chancellor of administration and facilities, said in a letter to potential victims.
According to Wolf Haldenstein, a consumer rights firm that’s investigating breach claims on “behalf of people who have been impacted,” third parties may have accessed:
- Names
- Social Security numbers (SSNs)
- Financial account information
- Payment card information
- Drivers’ license numbers
At least in theory, attackers could utilize the stolen details for financial fraud, identity theft, and unauthorized account access. Moreover, many online services require SSNs, driver’s licenses, and payment cards for identity verification, and attackers could use the stolen details for just that.
UMass Dartmouth is a public research university in the UMass system. The educational institution has over 8,000 students and over 400 academic staff. Since the breach exposed far more than 8,400 people, this strongly points to past and present students having their details accessed.
To assist individuals in mitigating potential privacy risks, UMass Dartmouth will provide complimentary identity protection services.
However, according to MassLive, a Massachusetts-based news outlet, Matthew Miller filed a class action lawsuit against UMass over the organization's failure to adequately guard sensitive data.
Attackers often target educational organizations, as they harbor large quantities of sensitive personal data and are often less well guarded than multibillion-dollar corporations.
Last week, we wrote about a data breach that impacted Albany College of Pharmacy and Health Sciences (ACPHS), which resulted in attackers taking large amount of sensitive information.
Your email address will not be published. Required fields are markedmarked