Categories: NewsUC System

Systemwide Data Breach Poses Threat to Students’ Personal Information

The University of California released a statement on March 31 stating they were impacted by a cyber attack that affected at least 300 organizations including several universities, such as Stanford and the University of Maryland, Baltimore, and many government agencies. This data breach of personal information was due to a vulnerability in Accellion’s system, a third party vendor that handles secure file transfers. 

Those behind the attack have published online screenshots of personal information onto a website called Clop, which can range from Social Security numbers to bank account information. 

On April 1, UC San Diego released an email to school employees and staff regarding the cyber attack, stating UC employees were victims of the data breach. In the email, they said they were working closely with the UC Office of the President (UCOP) regarding the incident and would communicate with any employees involved in the cyber attack. 

A day later, on April 2, UCOP sent an email to the UC community regarding the cyber attack. They recommended signing up for Experian ID, a credit monitoring system that has been offered to the UC community for one free full year of membership. This service is available to students with a Social Security number. 

Prior to UCSD’s announcement, many students had already received suspicious emails, mentioning their personal information had been hacked. Seeing as the emails were sent to spam folders, students were able to find out about the breach due to conversations on Reddit

A third year student, who asked to remain anonymous, received an email on March 30 that threatened to publish their information if they did not click on an external link. 

The email included the following text: “The UC has been hacked and is not taking action to resolve the problem. Your information will be published to the darknet.”. 

Although UCSD recommended signing up for a credit monitoring program, the student felt unsafe putting more of their information online so they deleted their account. 

Alexandra, a second year student who asked to be identified by her first name, received a similarly suspicious email on March 30. The email featured unusual font, grammar mistakes, another external link, and a “sense of aggression from the sender.” 

In a statement to the Triton, she explained that she expected the school to have had a better system to handle these situations. “Many students, including myself, know very little about what is actually going on regarding the breach which is concerning since we are the ones affected by it,” Alexandra said. 

In the UC’s follow up FAQ email sent on April 5, they answered common questions regarding the cyber attack, including who else could be affected by the data breach. 

“Family members who are listed as dependents or beneficiaries on employee or retiree accounts, or who are listed on student paperwork, may be affected,” said UC officials. 

Currently, the UC is working with local and federal law enforcement as well as third-party vendors to investigate the incident. They are reviewing security controls as well as implementing additional security measures to prevent future hacking attacks in the future, as they explain in the FAQ. Only after completing their investigation does the UC think they will be able to properly assess the extent of data and individuals impacted. 

However, Alexandra remains concerned about the university’s lack of guidance.  “Providing credit monitoring is great, but only helpful if the person hasn’t been targeted. No information or assistance has been released on what a student should do if they are a victim of identity theft or another consequence as a result of the breach,” she said. “I’ve made sure to update passwords and secure emails and bank information but at the moment I’m not reassured that the school will assist students if they are targeted directly.”

This is not the first time Accellion has been a victim of hacking. Last March, Wired released an article that revealed Accellion had been experiencing data breaches since December 2020. In response to these breaches, Accellion released a statement in January mentioning they “released a patch within 72 hours to the less than 50 customers affected.” They recommended that their customers update to another firewall platform for “highest level of security and confidence.” 

This is also not the first time that UCSD has been a victim of a data breach. In 2018, the University was involved in a cyber attack in which they notified 619 of their patients that their personal information had been leaked by Nuance Communications, a computer software company. It was determined that a former Nuance employee obtained access to the information of 45,000 individuals, including UCSD patients.

In addition to utilizing credit monitoring softwares and the University-provided code, UC President Michael Drake recommends that students change passwords, check their spam for emails, and place fraud alerts on credit accounts. 

An identity theft protection workshop hosted by UCSD and UCSD health was held on April 8 at 2 p.m. The workshop was to teach students how to register for credit monitoring, how to use the credit monitoring service, and how to take other steps to protect themselves. The workshop will not address specifics of the data breach incident. Click here for updated FAQs and information.. 

Any suspicious emails should be sent to abuse@ucsd.edu

Additional questions regarding the data breach and security can also be sent to communications@ucop.edu

Vanessa Gaeta is a staff writer for The Triton. You can follow her @_vnsgg.

Leave a Comment

View Comments

  • I think the admin of this web site is genuinely working hard in support of his web page, for the reason that here every information is
    quality based information.

  • Hi, Neat post. There is a problem along with your site in web explorer, would
    check this? IE still is the market chief and
    a huge portion of other people will miss your magnificent
    writing due to this problem.

  • Hi there, I discovered your site by the use of
    Google at the same time as looking for a related topic, your website got here
    up, it seems to be good. I've bookmarked it in my google bookmarks.[X-N-E-W-L-I-N-S-P-I-N-X]Hello there, simply was aware of your weblog thru Google,
    and located that it's truly informative. I'm gonna
    be careful for brussels. I'll appreciate for those who continue this in future.
    A lot of other people will likely be benefited out of your writing.
    Cheers!

    Look at my web site - Essential Male Enhancement

  • Next time I read a blog, Hopefully it does not disappoint
    me just as much as this particular one. After
    all, Yes, it was my choice to read through, but I really
    believed you would have something helpful to say. All I hear
    is a bunch of crying about something that you could possibly
    Slim Belly Fix Reviews
    if you were not too busy looking for attention.

  • Great work! This is the kind of info that are meant to be shared across the web.
    Shame on Google for now not positioning this put up upper!
    Come on over and discuss with my site . Thank you =)

    Here is my page; ok388 jackpot

  • Wonderful work! This is the kind of info that are meant to be shared across the internet.
    Shame on Google for no longer positioning this submit higher!
    Come on over and seek advice from my website . Thanks
    =)

    Here is my web blog Essential Nutrition Keto Reviews

  • Please let me know if you're looking for a writer for your blog.
    You have some really good articles and I believe I would be a good asset.
    If you ever want to take some of the load off, I'd absolutely
    love to write some articles for your blog in exchange for a link back to mine.
    Please shoot me an email if interested. Regards!

    Here is my blog - kiosk 918kiss plus vip

  • Good write-up, I am normal visitor of one's website, maintain up the excellent operate, and It is going to be a regular visitor for
    a long time.

    My web-site Body Core Keto

Recent Posts

AFSCME Local 3299 Initiates Unfair Labor Practices Strike Across UC

On November 20, 2024, at 12:00 A.M., the American Federation of State, County and Municipal…

3 hours ago

Cut to State Funding of UC System Causes Changes in Geisel Services

On September 19, UC San Diego announced changes to library services beginning September 23 in…

1 week ago

UCSD’s First Professor of Practice Faces Allegations of Sexual Misconduct

UC San Diego’s first ‘Professor of Practice’ and former County Supervisor, Nathan Fletcher, has been…

1 week ago

Live Updates: Unidentified Death in Geisel Library

Wednesday, November 6,  1:50 P.M. Update On Nov. 6 at approximately 11:35 A.M., an unidentified…

2 weeks ago

Photo Essay: Palestinian Youth Movement Rally and March

On July 28, 1:00 p.m. the Palestinian Youth Movement(PYM) organized a rally at the San…

2 months ago

Submission: You Wrote Them in the Cruelest Way

Words matter. Words can reveal hidden depths or conceal them. Words can bring people together…

5 months ago