Data Breaches

Berkeley Breach Hits 1,600, Costs $150,000 so Far

The University of California Berkeley has gone public with details regarding a data breach that affected 1,600 people when servers in its real estate division were hacked. According to a university statement, the data included 1,300 Social Security numbers and about 300 credit card numbers, dating between the early 1990s and May 2014.

According to coverage in student newspaper, The Daily Californian, the breach may have occurred when an employee performed work activities while on vacation, allowing a username and password to be stolen. Reporter Amy Jiang said that the breach has cost the campus about $150,000 so far, "although full costs have yet to be calculated."

While the institution noted that there has been no evidence that the personal information has been misused by the hackers, the university has set up a free credit-monitoring service with ID Experts for those potentially affected.

The school said that the servers, which maintained information about capital projects and physical plan units, weren't "primary storehouses" of personal data. However, they did have files with such information, such as employee expense reimbursement forms and documents from small companies that used personal Social Security numbers as tax identification numbers.

The breach was uncovered in September and the affected computers were removed from the network. The university brought in an outside firm to explore the servers for personal data, work that ended in the week of November 17. At that point UC Berkeley began contacting by mail those individuals whose information had been stored on the computers. The real estate division has also implemented new procedures to prevent the break-in from happening again.

"We understand that it's disturbing to learn that your Social Security number or credit card number may have been exposed to hackers, and we truly regret that this has occurred," said Paul Rivers, the university's interim chief security officer. "We are encouraging those affected to take advantage of the free credit monitoring service that the university is offering to those impacted by the breach."

About the Author

Dian Schaffhauser is a senior contributing editor for 1105 Media's education publications THE Journal and Campus Technology. She can be reached at dian@dischaffhauser.com or on Twitter @schaffhauser.

comments powered by Disqus

Campus Technology News

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.