Berkeley Breach Hits 1,600, Costs $150,000 so Far

  • By Dian Schaffhauser
  • 12/16/14

The University of California Berkeley has gone public with details regarding a data breach that affected 1,600 people when servers in its real estate division were hacked. According to a university statement, the data included 1,300 Social Security numbers and about 300 credit card numbers, dating between the early 1990s and May 2014.

According to coverage in student newspaper, The Daily Californian, the breach may have occurred when an employee performed work activities while on vacation, allowing a username and password to be stolen. Reporter Amy Jiang said that the breach has cost the campus about $150,000 so far, "although full costs have yet to be calculated."

While the institution noted that there has been no evidence that the personal information has been misused by the hackers, the university has set up a free credit-monitoring service with ID Experts for those potentially affected.

The school said that the servers, which maintained information about capital projects and physical plan units, weren't "primary storehouses" of personal data. However, they did have files with such information, such as employee expense reimbursement forms and documents from small companies that used personal Social Security numbers as tax identification numbers.

The breach was uncovered in September and the affected computers were removed from the network. The university brought in an outside firm to explore the servers for personal data, work that ended in the week of November 17. At that point UC Berkeley began contacting by mail those individuals whose information had been stored on the computers. The real estate division has also implemented new procedures to prevent the break-in from happening again.

"We understand that it's disturbing to learn that your Social Security number or credit card number may have been exposed to hackers, and we truly regret that this has occurred," said Paul Rivers, the university's interim chief security officer. "We are encouraging those affected to take advantage of the free credit monitoring service that the university is offering to those impacted by the breach."

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

Featured

  • glowing digital brain-shaped neural network surrounded by charts, graphs, and data visualizations

    Google Releases Advanced AI Model for Complex Reasoning Tasks

    Google has released Gemini 2.5 Deep Think, an advanced artificial intelligence model designed for complex reasoning tasks.

  • abstract pattern of cybersecurity, ai and cloud imagery

    OpenAI Report Identifies Malicious Use of AI in Cloud-Based Cyber Threats

    A report from OpenAI identifies the misuse of artificial intelligence in cybercrime, social engineering, and influence operations, particularly those targeting or operating through cloud infrastructure. In "Disrupting Malicious Uses of AI: June 2025," the company outlines how threat actors are weaponizing large language models for malicious ends — and how OpenAI is pushing back.

  • cybersecurity book with a shield and padlock

    NIST Proposes New Cybersecurity Guidelines for AI Systems

    The National Institute of Standards and Technology has unveiled plans to issue a new set of cybersecurity guidelines aimed at safeguarding artificial intelligence systems, citing rising concerns over risks tied to generative models, predictive analytics, and autonomous agents.

  • magnifying glass highlighting a human profile silhouette, set over a collage of framed icons including landscapes, charts, and education symbols

    AWS, DeepBrain AI Launch AI-Generated Multimedia Content Detector

    Amazon Web Services (AWS) and DeepBrain AI have introduced AI Detector, an enterprise-grade solution designed to identify and manage AI-generated content across multiple media types. The collaboration targets organizations in government, finance, media, law, and education sectors that need to validate content authenticity at scale.