LifeLock Blog

Women who get mammograms improve their chances of surviving breast cancer, but 236,000 women who get mammograms in North Carolina are now at an increased risk of becoming ID theft victims because a hacker attacked a University of North Carolina server containing their information.

Among the compromised records were those of 163,000 women that included their Social Security numbers, placing them at a very high risk of identity theft.

The accessed server at UNC-Chapel Hill contained information from the Carolina Mammography Registry, a compilation of data from 31 mammography sites in the state. The project is funded by the National Institutes of Health.

Little is known about the breach, which was discovered in July. Forensics experts haven’t yet been able to determine who committed the attack, its origin, or its impact. One thing they have learned, however, is that some of the viruses were installed as far back as 2007.

The university waited to notify individuals until they knew how many women were affected and could identify them, according to university officials.

The compromised server was one of two that stored a total of more than 662,000 women’s information. The second server wasn’t part of the data breach. 

Social Security number used to be used as patient identifiers, but are no longer. That’s why only some of the records included Social Security numbers, which are considered the most valuable information for identity thieves.

One of the biggest worries now for the researchers who study the compiled information is that the data breach may cause them to lose their NIH five-year, $2 million grant in the future.