Breach in Berkeley: 160,000 Student Records Compromised |
|
|
|
|
Written by Identity Theft Daily Staff
|
|
Thursday, 21 May 2009 |
|
ID thieves hacked into two databases in the University of California, Berkeley health center this past week. The databases contained the personal information for more than 160,000 students, alumni, and staff. The breach might have gone unnoticed if the hackers hadn’t decided to leave messages in the data logs gloating about their crime. Officials believe the hackers live overseas, probably in China, and that they hacked the information by accessing the University’s public website and inserting a malscript into the database that feeds the site. The hackers accessed the system repeatedly from October of 2008 through April of this year.
Stolen information includes SSNs, medical insurance information, immunization records, and doctors’ names dating back to 1999. According to some reports, Berkeley had stored these student and staff records in an unprotected Excel spreadsheet.
The identity theft experts most likely sell the breached data on the black market, resulting in a rash of medical identity theft or financial fraud. Victims should regularly check in with their health insurance providers to make sure fraudsters haven’t filed any claims.
Berkeley has taken the step of letting all those affected by the breach know about it. The university has also set up a website and a data hot line (1-888-729-3301) to provide more advice and updates for victims of the breach. In an attempt to prevent identity theft, Berkeley encourages all the victims to place a fraud alert on their credit reports, which will deter financial institutions from issuing credit and loans in the victims’ names.
Despite a quick response time to the crime, many are questioning why the University wasn’t protecting this information more carefully in the first place.
The Berkeley breach follows similar University cases of identity theft, such as the Harvard breach that happened in March and affected 10,000 university applicants. The Identity Theft Resource Center has tallied 213 breaches so far this year alone, resulting in 11,482,617 exposed records. 32 of those 213 breaches happened at educational institutions, putting 348,774 students, staff members, and alumni across the nation at risk.
|
