UC Berkeley Servers Hacked, 1,600 May be Affected in Breach

The data breach included about 1,300 Social Security numbers and 300 credit card numbers, according to a campus spokeswoman.

by Natalie Neysa Alund, The Daily Review / December 17, 2014

(TNS) -- UC Berkeley officials are notifying about 1,600 people that their personal information may have been hacked by someone who gained access to servers and databases in the campus's Real Estate Division earlier this year.

The data breach included about 1,300 Social Security numbers and 300 credit card numbers, said campus spokeswoman Janet Gilmore.

Many of those affected are current or former campus employees. The group also includes people with companies doing business with the division from the early 1990s through May 2014, Gilmore said.

Campus officials finished checking volumes of files for personal information and confirming whose information may have been put at risk last week, Gilmore said Tuesday. Letters to the possible victims went out on Friday.

"There is no indication that the information was downloaded and used but, in an abundance of caution, we are encouraging those impacted to take advantage of the one free year of credit monitoring that we are offering," Gilmore added.

The Real Estate Division servers that were breached were not primarily used to store personal data, but some files on the servers did have sensitive information, such as Social Security numbers used as tax identification numbers in payment processing.

The breach was discovered in September, and the affected servers were removed from the network, Gilmore said. An outside firm was brought in to lead the search for any personal information on the servers.

"We understand that it's disturbing to learn that your Social Security number or credit card number may have been exposed to hackers, and we truly regret that this has occurred," said Paul Rivers, the university's interim chief security officer.

The campus Real Estate Division, working in coordination with campus IT officials, has been taking a number of steps to address the security breach. These include a review of all data involved and enhancing security controls.

©2014 The Daily Review (Hayward, Calif.)

Platforms & Programs