Dive Brief:
- The University of California-Berkeley is estimating that personal information from 1,600 current and former campus employees and contractors was exposed in a data breach.
- The files of students and alumni were not exposed in the breach, which was caused when the username and password of an employee who was doing work while on vacation was stolen, the Daily Californian reported.
- The theft allowed someone to have unauthorized access to the servers in the university’s real estate division, including access to 1,300 Social Security numbers and 300 credit card numbers.
Dive Insight:
So far, there is no evidence that the data was downloaded or used. The breach was discovered in September, and the university has been working since then to identify who may have been affected. That work has been completed, and the university began notifying those individuals on Friday, as required by state law. This data breach doesn’t come close to the magnitude of the university’s exposure in 2008, when personal and health data for 160,000 Berkeley students and alumni was stolen. That data theft also exposed Mills College students, and their parents and spouses, who were treated at the university’s health services center.