Interesting People mailing list archives
UC hacking leaves 160,000 at risk of ID theft
From: David Farber <dave () farber net>
Date: Fri, 8 May 2009 16:42:50 -0400
Begin forwarded message: From: Ari Ollikainen <ari () olteco com> Date: May 8, 2009 3:24:58 PM EDT To: dave () farber net Subject: UC hacking leaves 160,000 at risk of ID theft UC hacking leaves 160,000 at risk of ID theft Henry K. Lee, Chronicle Staff Writer Friday, May 8, 2009 (05-08) 11:11 PDT BERKELEY --Overseas hackers may have stolen confidential information belonging to tens of thousands of students and alumni at UC Berkeley and Mills College after gaining access to computer databases at the Berkeley campus' health services center, officials said today.
The databases contained Social Security numbers, health-insurance information and non-treatment medical information, such as immunization records and names of some of the doctors that people may have seen and dates of medical visits, said campus spokeswoman Janet Gilmore.
The hackers had access to the information for six months before they were discovered. The breach exposed 160,000 people to possible identity theft, Gilmore said. The university is contacting potential victims, who should consider placing a fraud alert on their credit reporting accounts, she said.
Among those at risk are 3,400 students at Mills College in Oakland who received, or were eligible to receive, health care at UC Berkeley.
Hackers had access to records of students and alumni at UC Berkeley dating back to 1999 and current and former Mills students going back to 2001. Spouses and parents are also vulnerable if they were linked to students' insurance coverage.
The hackers had access to the computer system from last Oct. 9 until April 9, when administrators performing routine maintenance discovered messages they had left, UC said.
Investigators suspect that the overseas hackers accessed a public Web site and then bypassed additional secured databases stored on the same server, Gilmore said. Officials did not say in which country the hackers were based.
UC has notified the FBI about the security breach."The university deeply regrets exposing our students and the Mills community to potential identity theft," said Shelton Waggener, UC Berkeley's associate vice chancellor for information technology and its chief information officer. "We are working closely with law enforcement and information security experts to identify the specific causes that may have contributed to this breach and to implement recommendations that will reduce our exposure to future attacks."
University officials stressed that hackers had not obtained medical records - including diagnoses, treatments and therapies - because they are stored in a separate system. However, some students who participated in UC Berkeley's Education Abroad Program may have had their self-reported health records stolen, Gilmore said.
The incident is the latest security breach at UC Berkeley, which has been victimized by hackers in previous high-profile incidents.
In 2005, someone stole a laptop computer containing Social Security numbers of more than 98,000 graduate students, graduate school applicants and other individuals.
In 1998, a high-tech intruder broke into computer accounts at UC Berkeley and other places around the world, decoding nearly 48,000 passwords in what experts then said was one of the largest known collections of stolen access codes.
The campus is sending out e-mails and letters today to potential victims of the latest attack. People with questions can call a hot line, (888) 729-3301.
E-mail Henry K. Lee at hlee () sfchronicle com. http://sfgate.com/cgi-bin/article.cgi?f=/c/a/2009/05/08/BAPA17H89B.DTL - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - The major difference between a thing that might go wrong and a thing that cannot possibly go wrong is that when a thing that cannot possibly go wrong goes wrong it usually turns out to be impossible to get at and repair. --- Douglas Adams ------------------------------------------- Archives: https://www.listbox.com/member/archive/247/=now RSS Feed: https://www.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- UC hacking leaves 160,000 at risk of ID theft David Farber (May 08)