Cyber Incident Victim: Coastal Carolina University
Date:
Aug 2013
Location:
United States of America
Summary
A breach at a California university involved unauthorized access to a web server storing employee records and extended learning course information. The intrusion remained undetected for nearly a year before discovery, during which an attacker copied files containing names, addresses, and Social Security numbers for over 6,000 individuals, with birthdates exposed for approximately 500 people. Malicious software facilitated the data exfiltration from systems housing employment transaction records. The institution notified affected parties and submitted breach documentation to state authorities following an internal investigation.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On August 11, 2014, California State University East Bay's information security team discovered a breach in a university web server storing personal employee information. The intrusion had occurred nearly one year earlier on August 23, 2013, remaining undetected until the 2014 discovery. University officials initiated an investigation which determined an unauthorized individual had accessed the server hosting employment transaction records and extended learning course information. The attacker deployed malicious software that enabled copying of a specific data file containing sensitive information. This file held full names, addresses, and Social Security numbers for 6,036 individuals, with birth dates additionally compromised for 508 people. The university did not specify how the breach was ultimately detected after the prolonged undetected period. No evidence suggested misuse of the stolen data at the time of disclosure. The delayed discovery timeframe indicated the breach persisted for approximately 352 days before identification.
California State University East Bay officials publicly disclosed the incident on September 6, 2014, confirming the compromised server's function in storing employment records. The institution notified all 6,036 affected individuals whose personally identifiable information was exposed. A template of the notification letter was submitted to the California Attorney General's office as required by state breach disclosure laws. The university did not report whether law enforcement agencies were engaged in investigating the intrusion. No details were provided regarding containment measures taken after discovery, forensic methodology, or potential system vulnerabilities exploited in the attack. The breach exclusively impacted current or former employees and participants in extended learning programs, with no indication of student data involvement. Financial information and academic records were not mentioned as compromised in the disclosed file contents.