Monday, May 11, 2009

Personal information of thousands of UC Berkeley students, alumni hacked

Approximately a decade's worth of information on current and former UC Berkeley students was stolen by hackers, as announced by the University last Friday. The infractions concerned records dating back to 1999 at the school's health center that included Social Security numbers, health insurance information, immunization history and the names of treating physicians.

The thefts were initially discovered about a month ago, but system administrators did not realize the scope of the attack until April 21.

University Associate Vice Chancellor for Information Technology Shelton Waggener said the hackers disguised their work as routine operations and then left taunting messages for UC Berkeley employees. Waggener says that the thieves accessed the information through the University web site.

Stanford University Professor of Computer Science John Mitchell said that thieves worldwide have set up black markets to sell stolen data, adding that Asia, Eastern Europe and Nigeria have particularly active hackers. Mitchell also stated that the taunting messages left by the Berkeley thieves may indicate they are amateurs.
"If your intent is to steal information and sell it on the black market, you're probably not going to call attention to yourself like that," he said. "It could be that these are kids."

See more in The Daily Review.