Hackers Breach 160k Med Records at UC Berkeley

Dennis Faas's picture

Hackers have reportedly infiltrated restricted computer databases at the University of California Berkeley, putting the private data of 160,000 students, alumni, and others at risk.

According to UC Berkeley, computer administrators determined that electronic databases in University Health Services had been breached by overseas criminals on April 21, 2009. UHS electronic medical records, including details of patients' diagnoses, treatments and therapies were not affected in this breach because they're stored on a separate system. (Source: http://datatheft.berkeley.edu)

Social Security Numbers Included in Breach

Information contained on the breached databases included Social Security numbers, health insurance information and non-treatment medical information such as records of immunization and names of treating physicians. (Source: berkeley.edu)

More than 160,000 individuals will be alerted by the university. Victims include current and former UC Berkeley students, their parents or spouses (if insurance coverage is linked) and approximately 3,400 Mills College students who received or were eligible to receive health care at UC Berkeley.

97,000 Social Security numbers -- which can be used to access a victim's credit history and other important financial accounts as well and used to open new financial accounts or get a driver's license in the victim's name -- were stolen according to UC Berkeley's Chief information officer. (Source: yahoo.com)

Taunting Messages Left by Hackers

The breach began on October 9, 2008 and continued until April 9, 2009 when computer administrators identified taunting messages left by hackers while performing routine maintenance. The attacks appear to have been launched overseas.

The FBI and campus police are investigating the breach, which was traced to a number of overseas locations, including China. UC Berkeley has also hired an outside Internet security firm to audit the school's systems and security measures.

Victims were not notified until this past Friday because it took until April 21 to figure out which databases had been breached.

The university set up a website, http://datatheft.berkeley.edu, to help the victims of the breach, and established a 24-hour Data Theft Hotline, 888-729-3301, to answer inquiries.

Is the Third Time the Charm?

This is the third time in five years UC Berkeley has had electronic information compromised.

In a previous episode dating back to March, 2005, a thief walked into one of UC Berkeley's offices and stole a laptop that contained personal information on almost 100,000 alumni, students and applicants.

In August 2004, research being done by UC Berkeley for the State Department of Social Services was compromised by hackers. That database breach put the information of about 600,000 people at risk. (Source: yahoo.com)

Visit Bill's Links and More for more great tips, just like this one!

Rate this article: 
No votes yet