CNET Security is reporting that computers at the University of CA at Berkeley have apparently been hacked, placing the personal information of as many as 160,000 individuals at risk.
At least 97,000 Social Security numbers were accessed, which is a very big deal.
Preliminary investigation seems to show that the attackers gained access through a public-facing web site, then bypassed controls to break into a database stored on the same server. Again, security best practice is to NOT store the db on the same physical or virtual server for this very reason.
This was a Health Services computer, so you can bet there will be all sorts of recriminations. With all the rules surrounding the HIPPA reg, a granular investigation will undoubtedly take place.
I'll keep you posted, so stay tuned.
UC Berkeley computers hacked, 160,000 at risk