USC today posted a letter online relating to an instance of credit card fraud. The letter and related questions and answers about the incident are available at news.usc.edu and are reproduced below:
Dear USC Faculty, Staff, Students and Visitors:
The university recently identified a security breach affecting credit card purchases made at food outlets on the USC University Park and Health Sciences campuses.
We are still investigating this matter but we want to share with you what we have discovered to date.
Credit card numbers were obtained illegally through a breach in a third-party software system used to process credit card transactions in some USC dining halls, including Ronald Tutor Campus Center, Seeds, the Lab on Figueroa St. and Starbucks on the Health Sciences Campus during the period from May 21 to June 21, and possibly earlier.
Only credit card numbers were exposed. No personally identifiable information was compromised.
Upon learning of the breach, the university promptly disabled the compromised system.
The university has notified the vendor of the security breach and has requested that the vendor take appropriate corrective actions to secure its system.
USC’s Department of Public Safety and the Los Angeles Police Department are investigating the incident.