Berkeley Breach Hits 1,600, Costs $150,000 so Far -- Campus Technology

Information Technology

Berkeley Breach Hits 1,600, Costs $150,000 so Far

By Dian Schaffhauser
12/16/14

The University of California Berkeley has gone public with details regarding a data breach that affected 1,600 people when servers in its real estate division were hacked. According to a university statement, the data included 1,300 Social Security numbers and about 300 credit card numbers, dating between the early 1990s and May 2014.

According to coverage in student newspaper, The Daily Californian, the breach may have occurred when an employee performed work activities while on vacation, allowing a username and password to be stolen. Reporter Amy Jiang said that the breach has cost the campus about $150,000 so far, "although full costs have yet to be calculated."

While the institution noted that there has been no evidence that the personal information has been misused by the hackers, the university has set up a free credit-monitoring service with ID Experts for those potentially affected.

The school said that the servers, which maintained information about capital projects and physical plan units, weren't "primary storehouses" of personal data. However, they did have files with such information, such as employee expense reimbursement forms and documents from small companies that used personal Social Security numbers as tax identification numbers.

The breach was uncovered in September and the affected computers were removed from the network. The university brought in an outside firm to explore the servers for personal data, work that ended in the week of November 17. At that point UC Berkeley began contacting by mail those individuals whose information had been stored on the computers. The real estate division has also implemented new procedures to prevent the break-in from happening again.

"We understand that it's disturbing to learn that your Social Security number or credit card number may have been exposed to hackers, and we truly regret that this has occurred," said Paul Rivers, the university's interim chief security officer. "We are encouraging those affected to take advantage of the free credit monitoring service that the university is offering to those impacted by the breach."

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

E-Mail this page

Printable Format

Featured

Educause HECVAT Vendor Assessment Tool Gets an Upgrade

Educause has announced HECVAT 4, the latest update to its Higher Education Community Vendor Assessment Toolkit.
The 2025 NFL Draft and Ed Tech Selection: A Strategic Parallel

In the fast-evolving landscape of collegiate football, the NFL, and higher education, one might not immediately draw connections between the 2025 NFL Draft and the selection of proper educational technology for a college campus. However, upon closer examination, both processes share striking similarities: a rigorous assessment of needs, long-term strategic impact, talent or tool evaluation, financial considerations, and adaptability to a dynamic future.
Improving AI Governance for Stronger University Compliance and Innovation

AI can generate valuable insights for higher education institutions and it can be used to enhance the teaching process itself. The caveat is that this can only be achieved when universities adopt a strategic and proactive set of data and process management policies for their use of AI.
AWS Offers DeepSeek-R1 as Fully Managed Serverless Model, Recommends Guardrails

Amazon Web Services (AWS) has announced the availability of DeepSeek-R1 as a fully managed serverless AI model, enabling developers to build and deploy it without having to manage the underlying infrastructure.