The UConn Co-op was informed by its vendor that there has been a data security incident involving the customer database for the UConn Co-op’s website HuskyDirect.com that may have exposed the billing information of HuskyDirect customers. This information includes name, address, e-mail, telephone number, and credit card number, expiration date, and security code.
The database consisted of 18,000 HuskyDirect customers. The Co-op is investigating how many accounts were actually accessed. HuskyDirect.com is the website from which customers can order sports paraphernalia from the UConn Co-op. The customer database for HuskyDirect is managed by a vendor.
The Co-op learned from the vendor that a hacker obtained access to the customer database. In response, the Co-op directed the vendor to take down the database, and has notified law enforcement. The Co-op has also sent a notice to the customers whose information was contained in the database, and is in the process of arranging for credit protection for those customers.
Customers who purchased items in the Co-op with a credit card were not affected, nor were students who purchased text books, or made purchases in person at a Co-op store or off-site location. Only those customers who made purchases through HuskyDirect.com were affected. No data stored by the University of Connecticut itself was exposed.
The Co-op has posted answers to frequently asked questions on this matter on its website.