550 Hit in Berkeley Data Break-In
- By Dian Schaffhauser
- 05/01/15
The University of California Berkeley has sent out notification to those affected
by a recently discovered data breach. The break-in involved access to a campus Web server maintained by a unit within the university's
Division of Equity and Inclusion. The server was used to store records that
had family financial information, including Social Security and bank account numbers, submitted by students.
About 550 people were affected, including undergraduate and former students as well as parents and others. The school has offered them free
credit monitoring for a year as well as a list of resources they can use to monitor for suspicious activity on their accounts.
However, the institution said it has seen no evidence that the information has been used for unauthorized activities. California law
stipulates that a business or public agency notify a state resident whose unencrypted personal information has been acquired by an
unauthorized person.
Campus representatives learned of the breach on March 14 and removed the affected server from the network. A forensics investigation
determined that the digital compromise had taken place in December 2014 and again in February 2015. Data theft targets were informed at the
end of April, once the investigation had confirmed the names of those affected.
In December the university went public with details about another
data breach that
affected about 1,600 people. In that case, an employee doing work while on vacation allowed a username and password to be stolen.
About the Author
Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.