SAN FRANCISCO (Reuters) - Officials at the University of California Berkeley said on Friday that they were alerting 80,000 people, including current and former students, faculty and vendors of a cyber attack on a system that stores social security and bank account numbers.
The news comes just more than a week after a Southern California hospital paid hackers $17,000 in the digital currency Bitcoin to regain control of their computer systems after a so-called “ransomware” attack.
The San Francisco Bay Area university said there was no evidence that attackers actually took any personal information, but that it was still alerting the 80,000 individuals to be on the lookout for misuse of their information.
The school said a hacker or hackers gained access to its financial management software in late December due to a security flaw present when the system is updating. Officials have notified law enforcement, including the FBI, and hired a private computer investigation company.
The university said among the potentially affected are 57,000 current and former students; about 18,800 former and current employees; and 10,300 vendors who work with the school. Those figures come out to about half of the school’s current students and two-thirds of its active employees.
Large, high-profile organizations and businesses routinely come under cyber attack, and the school said it frequently identifies similar hacking attempts.
“The security and privacy of the personal information provided to the university is of great importance to us,” Paul Rivers, UC Berkeley’s chief information security officer, said in a statement. “We regret that this occurred and have taken additional measures to better safeguard that information.”
The school said it was providing credit protection service free of charge to those potentially impacted.
Reporting by Curtis Skinner in San Francisco; Editing by Sharon Bernstein