USC Computer Stolen From Keck School Of Medicine

November 4, 2005

KNBC-TV

http://www.msnbc.msn.com/id/10008508/



LOS ANGELES - Investigators are trying to figure out who stole a computer server from the USC Keck School of Medicine. The server has names and social security numbers of nearly 50,000 people.

Somebody broke into a computer room last week and USC sent out a letter warning that almost 50,000 people associated with the Keck School of Medicine has personal information that could now be in the hands of a criminal.

Cancer patients treated through the School of Medicine are among 50,000 people notified by letter that a computer server containing private data has been stolen from a campus computer room.

USC and LAPD investigators won't say how the thief gained access to the computer server, but USC warns that the server like this one includes names, social security numbers and other information about people associated with the school of medicine, including patients, donors and employees.

"I'm surprised that, you know, it got stolen, that the server got stolen itself," said Andy Ramadan, son of a hospital patient.

Andy's worried his dad's financial information could be in the wrong hands.

"I'm concerned right now. I'll have to do some work, we'll have to find out, you know, what's going on," he said.

A USC spokesman says the stolen files do not contain medical records.

USC says the information on the server was protected by a password and had an additional layer of security by a technician we spoke with says that won't stop a good hacker.

"On site you have a limited amount of time, you could use some type of password crack to try and break the password but when you're outside that environment you can remove the drives, use your own proprietary equipment and not even need a password to get into that type of software," said Simon Patridge, Data Recovery Technician.

Now the letter that USC sent out to the folks warning them about this problem says, quote, "Upon learning of this problem the university immediately began an internal investigation, the university also was notified law enforcement authorities of this matter when-and-were hiring a private investigator to help detect if any information on the server is used in an improper way."

The letter says "We apologize for any convenience and concern that this notification may cause." USC says everybody whose information was on the server has been notified by mail.

So if you haven't gotten a letter you don't have anything to worry about.

The thief might have been after the equipment but the data technician recovery expert says if someone's after becoming an identity thief what they're after is the data and it's worth more than the equipment.

Authorities say if you received a letter and you have concerns, check with the credit bureau to make sure nobody is using your identity.

[an error occurred while processing this directive]