Has anyone else gottent this?
Dear Associate of UC Berkeley,
We are writing to you because UC Berkeley`s University Health
Services, UHS, recently learned that criminal computer hackers broke
into electronic databases containing personal information belonging to
some UHS clients and their parents or spouses.
Although the investigation is still underway, we wanted to alert you
as soon as possible that some of your personal information, including
your Social Security number stored on those databases, was stolen,
which puts you at risk for identity theft. It is also possible that
your parents or guardian or spouse`s information was taken if you
waived enrollment in the Student Health Insurance Plan, and they were
the policy holder of your health coverage.
In addition, the criminals may have stolen information related to your
health insurance coverage and some of your non-treatment medical
information such as Hepatitis B immunization history, UHS medical
record number, dates of visits or names of providers seen, or for
participants in the Education Abroad Program, certain information from
the self-reported health history. You will receive a second
notification letter from us if, in addition to your Social Security
number, this information was also stolen.
Please be assured that UHS electronic medical records, including
patient diagnoses, treatments and therapies, are stored in a separate
system and were not affected in this incident.
We sincerely regret and apologize for any difficulty that this theft
may create for you. We have alerted campus police detectives and the
FBI, and we are doing all that we can to investigate this crime. We
are also dedicated to assisting you with information about the
incident and services that can help prevent or minimize the impact
this theft may have on you.
Protecting Your Personal Information
Attached to this letter is a resource sheet to assist you with steps
that you may wish to take to protect your identity and credit. As a
precautionary measure, we urge you to create immediately a no-cost,
formal fraud alert on your consumer credit file. If someone attempts
to open a new credit card account in your name, this service will
monitor activity on your account.
We have also established a Data Theft Hotline, 888-729-3301. Trained
personnel will be available 24 hours a day, 7 days a week to help you
determine the full extent of your personal exposure and assist you
with information about credit and identity protection services. When
you call, you will be asked to provide personal information to
validate your identity.
Additional information can also be found on our dedicated web site:
http://datatheft.berkeley.eduBackground Information about the Theft
UC Berkeley computer administrators determined on April 21, 2009 that
restricted electronic databases had been illegally accessed by
hackers, and that the data thefts began on October 9, 2008, and
continued until April 6, 2009. All of the exposed databases were
immediately removed from service to make sure that they would be
completely protected from any future attacks. To ensure that we fully
understand the nature of the security breach and to determine the
steps that we can take to minimize the risk of a reoccurrence, the
university has hired an outside auditor, Price Waterhouse Coopers, to
support our ongoing investigation of the incident.
Finally, please be aware that sometimes in these situations, dishonest
people falsely identifying themselves as UC Berkeley representatives
may contact you and offer assistance with the intention of obtaining
more personal information from you. If you call our Data Theft Hotline
the operator will need to ask for information to validate your
identity, but we want to assure you that UC Berkeley will not contact
you by phone, e-mail or any other method to ask you for personal
information. If you are uncertain about any inquiry, please call our
hotline directly.
Sincerely,
Steve Lustig
Associate Vice Chancellor, Health and Human Services
Shelton Waggener
Associate Vice Chancellor & Chief Information Officer
