3,300 affected as hackers hit UCSD server

July 1, 2005

By Eleanor Yang, Union-Tribune Staff Writer


The University of California San Diego is alerting 3,300 students, staff and faculty whose confidential information was compromised after hackers broke into a university server. It's the fourth reported hacking into UCSD computers since April 2004.

Those affected had attended or worked at UCSD Extension in the past five years. The computers hacked into stored Social Security, driver license and credit card numbers. UCSD Extension provides a range of continuing education and certificate programs.

The university mailed letters to the 3,300 yesterday about the incident, which occurred in April. The university said it took two months to publicize the breach because of the "time-consuming" process of determining its scope.

"The reality is that whole . . . process is cumbersome and takes time," said UCSD spokeswoman Dolores Davies.

The university believes that, similar to an earlier incident, the hackers were planning to use the server for illegal file sharing, to store movies or music files.

University officials believe they discovered the breach within a few days. The university does not have evidence that the personal data were viewed or used for identity theft.

Those affected were advised to get copies of their credit reports, look for suspicious activity and consider requesting a fraud alert.

Under a state law that went into effect in July 2003, companies and state agencies are required to contact people when their computerized personal data have been compromised.

Despite the creation of a UCSD task force last year to guard against such breaches, Davies said, it's inevitable they will continue because of the hackers' persistence.

"We'll take all the steps we can to beef up security, but eventually, they do hack in," Davies said. "It's just something that happens and it's going to continue to happen."

In April 2004, the Supercomputer Center at UCSD was hacked into, as well as four university computers storing personal information for an estimated 380,000 students, alumni, faculty, employees and applicants. In November, about 3,500 records were hacked into at the UCSD Extension. University officials said they know of no cases of identity theft resulting from those breaches.

main page ATTRITION feedback