U.C. Berkeley Alumni Data Is Breached ... Again.
|Social Security Number ... robble robble|
I had to read about the first security breach in the Chronicle. Overseas hackers busted into the campus' health services databases in October of last year, which contained 97,000 social security numbers, health insurance information, immunization records, and basically all of the information you never want anyone else to know. The school discovered the breach in April of this year, and notified students more than two weeks later -- at which point we were told not to panic and to call a hotline.
This time, alums of U.C. Berkeley's school of journalism got a not-so-pleasant surprise at the end of a lengthy and gushing alumni letter from Dean Neil Henry yesterday cataloging all the many donations and excellent programs coming the J-school's way. Almost as an afterthought, Henry warned 493 applicants to the school between 2007 and 2009 that a hacker may have accessed our social security numbers and other personal information. By this time I knew the drill: Don't panic. Call the hotline.
So I did. After a few moments of jazzy hold music, a very polite lady informed me that yes -- I am on their list. "So what do I do?" I asked. She explained how I can go about putting fraud alerts on my accounts, order credit reports, etc. When I asked how many people had been calling since the breach, she said I was the second person to call. Which means either no one knows yet, or no one cares.
Should we care? Bob Gregg, CEO of the breach prevention company, ID Experts, says absolutely. "Too often no one cares until something happens," he said in a phone interview with SF Weekly. Stealing credit information is one thing, but Gregg says there's an open market on the Internet for social security numbers, which can be used for much more creative purposes -- like medical procedures -- that will never show up on a credit report.
Gregg was surprised the school wasn't offering any other protections than a hotline that puts the onus on students to protect their credit (he says his company works with schools every day). In their defense, he added, these kinds of breaches are happening everywhere nowadays. "You'd be amazed at how common this is," said Gregg. "I call it the data breach perfect storm."