[ISN] Stolen UC Berkeley Laptop Exposes Personal Data of Nearly 100, 000

InfoSec News isn at c4i.org
Tue Mar 29 07:54:30 EST 2005


http://www.washingtonpost.com/wp-dyn/articles/A7653-2005Mar28.html

By MICHAEL LIEDTKE
AP Business Writer
March 28, 2005

SAN FRANCISCO (AP) -- A thief has stolen a computer laptop containing
personal information about nearly 100,000 University of California,
Berkeley alumni, graduate students and past applicants, continuing a
recent outbreak of security breakdowns that has illustrated society's
growing vulnerability to identity theft.

University officials announced the March 11 theft on Monday under a
state law requiring that consumers be notified whenever their Social
Security numbers or other sensitive information has been breached.

Notifying all of the 98,369 people affected by the UC Berkeley laptop
theft could prove difficult because some of the students received
their doctorate degrees nearly 30 years ago, university officials
said.

The laptop -- stolen from a restricted area of a campus office --
contained the Social Security numbers of UC Berkeley students who
received their doctorates from 1976 through 1999, graduate students
enrolled at the university between fall 1989 and fall 2003 and
graduate school applicants between fall 2001 and spring 2004. Some
graduate students in other years also were affected.

The stolen computer files also included the birth dates and addresses
of about one-third of the affected people.

University police suspect the thief was more interested in swiping a
computer than people's identities, UC Berkeley spokeswoman Maria Felde
said. She said there been no evidence so far that the stolen
information has been used for identify theft. Scam artists often use
the data to borrow money by posing as someone else.

The UC Berkeley theft follows several other high profile instances in
which businesses and colleges have lost control of personal
information that they kept in computer databases.

Recent breaches have occurred at ChoicePoint Inc., a consumer data
firm duped into distributing personal information about 145,000
people; Lexis-Nexis, where computer hackers obtained access to the
personal information of 32,000 people; and Chico State University,
where a computer hacking job exposed 59,000 people to potential
identity theft.





More information about the ISN mailing list