University of Southern California

The University of Southern California (USC) experienced a data breach reported by the California Office of the Attorney General on June 29, 2012. The incident involved unauthorized access to credit card numbers used at USC dining venues between May 21 and June 21, 2012. While the breach exposed payment card data, no personally identifiable information (PII) such as names, addresses, or Social Security numbers was compromised. USC responded by immediately disabling the affected system and collaborating with a third-party vendor to enhance security measures. The breach was contained to financial transaction data, with no evidence of broader data exfiltration or misuse beyond the exposed credit card details. The university emphasized that the incident did not impact academic, administrative, or personal records of students, faculty, or staff. The focus remained on mitigating risks associated with potential fraudulent transactions linked to the compromised payment system.

Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-32132

TPRM report: https://www.rankiteo.com/company/usc-auxiliary-services

"id": "usc030090625",
"linkid": "usc-auxiliary-services",
"type": "Breach",
"date": "5/2012",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"

{'affected_entities': [{'industry': 'higher education',
                        'location': 'Los Angeles, California, USA',
                        'name': 'University of Southern California (USC)',
                        'type': 'educational institution'}],
 'data_breach': {'data_exfiltration': True,
                 'personally_identifiable_information': 'none',
                 'sensitivity_of_data': 'high (credit card numbers)',
                 'type_of_data_compromised': ['payment card data']},
 'date_detected': '2012-06-29',
 'date_publicly_disclosed': '2012-06-29',
 'description': 'The California Office of the Attorney General reported a data '
                'breach involving the University of Southern California (USC) '
                'on June 29, 2012. The breach involved unauthorized access to '
                'credit card numbers utilized at USC dining venues between May '
                '21 and June 21, with no personally identifiable information '
                'compromised. The university promptly disabled the compromised '
                'system and is working with a vendor to secure it.',
 'impact': {'data_compromised': ['credit card numbers'],
            'identity_theft_risk': 'none (no PII compromised)',
            'payment_information_risk': 'high (credit card numbers exposed)',
            'systems_affected': ['USC dining venues payment system']},
 'references': [{'date_accessed': '2012-06-29',
                 'source': 'California Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': ['California Office of '
                                                        'the Attorney '
                                                        'General']},
 'response': {'containment_measures': ['disabled compromised system'],
              'incident_response_plan_activated': True,
              'remediation_measures': ['working with vendor to secure the '
                                       'system'],
              'third_party_assistance': True},
 'title': 'University of Southern California (USC) Data Breach - 2012',
 'type': 'data breach'}

University of Southern California

Pax8: Cloud marketplace Pax8 accidentally exposes data on 1,800 MSP partners

Dell: Alleged Dell data compromise raises skepticism

Free Mobile: French data regulator fines telco subsidiaries $48 million over data breach