Quick Facts

• Date: 8/11/2009
• Institution: University of California, Berkeley
• Type of Incident: Penetration
• Number Affected: 493
• Source: OSF DataLoss DB
• Abstract Source: UC Berkeley News

Abstract
The University of California, Berkeley is notifying students after a web server containing student information was breached. The web server, part of the university's School of Journalism, contained the personal information, dates of birth and Social Security numbers of 493 students that applied for admission between September 2007 and May 2009. While there is no evidence that the attacker gained access to the student data, the university issued the warnings to be safe. Staff became aware of the incident after launching an investigation into the claims that someone had breached the site. Staff worked quickly to repair the security vulnerability and the web site was placed back online.

Quick Facts

• Date: 5/08/2009
• Institution: University of California, Berkeley
• Type of Incident: Penetration
• Number Affected: 160,000+
• Source: DataBreaches.net
• Abstract Source: UC Berkeley News Update

Abstract
The University of California, Berkeley began notifying individuals today after staff discovered a unknown individual(s) attacked a restricted database on a computer in the university's health services center. The computer contained the names, Social Security numbers, health insurance information, immunization records, and patient physician information on more the 160,000 UC Berkeley student and alumni as well as former Mills College students. UC Berkeley discovered the breach in April and immediately took action. The affected database was taken offline and UC Berkeley contacted the both campus police and the FBI. According to Shelton Waggener, UC Berkeley's associate vice chancellor for information technology and its chief information officer, the university takes its data steward responsibilities serious and regrets the incident. UC Berkeley has created a web site - datatheft.berkeley.edu - and a hotline - 888-729-3301 - to help answer additional questions about this incident.

Quick Facts

• Date: 5/16/2006
• Institution: University of California, Berkeley
• Type of Incident: Penetration
• Number Affected: 1,200
• Source: Attrition.org
• Abstract: Berkeley

Abstract
A recent computer virus investigation at UC Berkeley uncovered unauthorized access within Berkeley's Cal 1 Card (C1C). Stored on the C1C computer were archived spreadsheets containing student information including names and Social Security numbers. A thorough investigation into this incident reveled no evidence that the unknown intruder accessed these spreadsheets. However, UC Berkeley is alerting 1,200 current and former students about the incident and urging them to closely monitor their credit.

Quick Facts

• Date: 9/16/2005
• Institution: University of California, Berkeley
• Type of Incident: Theft
• Number Affected: 98,000
• Source: INFOSEC Year In Review
• Abstract Source: PC World via EDUPAGE

Abstract

A laptop stolen in March from the University of California at Berkeley has been recovered, after being bought and sold several times, ultimately landing in South Carolina. When stolen, the computer contained sensitive data on more than 98,000 UC Berkeley graduate students, but by the time it was recovered, all of its files and operating system had been cleared, making it impossible to determine if the personal information was accessed after the theft. Following the theft, the university worked to contact those whose data was contained on the computer, as required by California law, and also hired an outside consultant to audit the institution's practices of handling such data, according to spokesperson Janet Gilmore. The university is currently assessing the recommendations of that audit and how to implement them. PCWorld, 16 September 2005

[Abstract by Edupage Editors taken directly from Edupage, September 16, 2005]