University of California
UCSF Doctor Falls Victim to Phishing Scam
Quick Facts
- Date: 12/15/2009
- Institution: University of California, San Francisco
- Type of Incident: Penetration
- Number Affected: 600
- Source: PHIPrivacy.net
- Abstract Source: San Francisco Business Times
Abstract
The University of California, San Francisco has alerted patients after a physician's email account was compromised. The email account contained demographic and clinical information as well as some Social Security numbers on 600 patients. The email account became compromised in mid-October after the physician fell victim to a phishing scam. Accordign to UCSF news director Corinna Kaarlela, these 600 individuals were notified staring October 21 and December 11, 2009 which is the period during with the university conducted an in-depth investigation into the incident. While the investigation uncovered no indication the emails were accessed, individuals potentially affected were urged to carefully review statement from health insurers for suspicious payments and immediately report any discrepancies to their insurance provider.
Berkeley School of Journalism Web Site Breach Exposes Student Information
Quick Facts
- Date: 8/11/2009
- Institution: University of California, Berkeley
- Type of Incident: Penetration
- Number Affected: 493
- Source: OSF DataLoss DB
- Abstract Source: UC Berkeley News
Abstract
The University of California, Berkeley is notifying students after a web server containing student information was breached. The web server, part of the university's School of Journalism, contained the personal information, dates of birth and Social Security numbers of 493 students that applied for admission between September 2007 and May 2009. While there is no evidence that the attacker gained access to the student data, the university issued the warnings to be safe. Staff became aware of the incident after launching an investigation into the claims that someone had breached the site. Staff worked quickly to repair the security vulnerability and the web site was placed back online.
UCSD Flooded With Phone Calls Following Computer Breach
Quick Facts
- Date: 7/17/2009
- Institution: University of California, San Diego
- Type of Incident: Penetration
- Number Affected: 30,000
- Source: Personal Health Information Privacy
- Abstract Source: Sign On San Diego
Abstract
Hundreds of concerned patients have been flooding the phone lines after the University of California San Diego's Moores Cancer Center suffered a computer breach. An unknown individual breached the Cancer Center's computers and stolen files on 30,000 patients containing names, dates of birth, medical record numbers, diagnoses and treatment dates back to 2004. The main concern among callers was the safety of their Social Security numbers. According to UCSD Health Sciences chief of marketing and communications officer DeAnn Marshall only 36 of the stolen files contained Social Security numbers. Following the breach, staff are working to review all security measures and taken any corrective measures if necessary.
Hackers Breach UC Berkeley Database, Steal Social Security Numbers
Quick Facts
- Date: 5/08/2009
- Institution: University of California, Berkeley
- Type of Incident: Penetration
- Number Affected: 160,000+
- Source: DataBreaches.net
- Abstract Source: UC Berkeley News Update
Abstract
The University of California, Berkeley began notifying individuals today after staff discovered a unknown individual(s) attacked a restricted database on a computer in the university's health services center. The computer contained the names, Social Security numbers, health insurance information, immunization records, and patient physician information on more the 160,000 UC Berkeley student and alumni as well as former Mills College students. UC Berkeley discovered the breach in April and immediately took action. The affected database was taken offline and UC Berkeley contacted the both campus police and the FBI. According to Shelton Waggener, UC Berkeley's associate vice chancellor for information technology and its chief information officer, the university takes its data steward responsibilities serious and regrets the incident. UC Berkeley has created a web site - datatheft.berkeley.edu - and a hotline - 888-729-3301 - to help answer additional questions about this incident.
[Update1]UC Irvine ID Theft Caused By UnitedHealthCare Data Breach
Quick Facts
- Date: 6/3/2008
- Institution: University of California, Irvine
- Type of Incident: Employee Fraud (updated)
- Number Affected: 1,132
- Source: Pogo Was Right
- Abstract Source: ComputerWorld
- Update1 Source: The Mercury News
Abstract
A large number of ID theft crimes affecting University of California, Irvine medical students has been traced back to a data breach at UnitedHeathCare. A total of 1,132 current and former graduate students enrolled in the university's graduate student health insurance program could fall victim to tax scam. So far, 155 of these students have had criminals file false tax returns in the students name an collect the refunds. Only those students enrolled in the insurance program in 2006-2007 are affected. The University of California, Irvine has setup a web site - www.uci.edu/identitytheftalert/ - to answer questions about this incident.
Update1
Police have arrested a Fort Worth, Texas man in connection with the ID theft crimes affected UC Irvine students. Authorities allege that Micheal Tyrone Thomas stole a file containing UC Irvine student information while working for UnitedHealthcare. According to a UnitedHealthcare statement, the company is "outraged that a former employee may have illegally accessed information regarding certain University of California, Irvine, students and may have used the information for criminal purposes" and UnitedHealthcare is working with authorities on the case.
