Massive Data Breach At UCLA Endangers 800,000

By Martin H. Bosworth
ConsumerAffairs.com

December 12, 2006

Data Theft

• 68,000 CalOptima Members at Risk in Data Breach
• Express Scripts Extortion Scheme Widens
• Technology Could Be Key To Stopping Unauthorized Charges
• T-Mobile: No Hacking in Data Breach
• T-Mobile Confirms Data Breach
• Consumers Increasingly Concerned About Online Transactions
• Are Identity Theft Services Worth the Cost?
• Online Tools Help Spot Financial Fraud
• Financial Fraud Hits 7.5 Percent Of Americans In 2008
• Feds Charge Mortgage Broker In Potential Data Breach
• Millions of Credit Cards Exposed in Data Breach
• 2008 Data Breach Total Soars
• Bank Data Breach Threatens 248,000 in North Carolina
• GPS Not Foolproof
• Countrywide Warns Millions of Data Breach
• Thieves Steal AT&T Laptop with Employee Data
• Report: Data Breach Disclosure Laws Don't Affect Identity Theft
• Patient Information Exposed in Data Breach at Walter Reed
• Supermarket Chain Reports Data Breach
• Report: Feds Still Not Doing Enough To Secure Data
• Data Thieves Hit Georgetown University Students, Faculty
• 800,000 Job Seekers At Risk In Gap Data Breach
• TJX Data Breach Settlement Has Strings Attached
• More ...

Hackers have gained access to databases at the University of California-Los Angeles (UCLA), making off with the personal information of 800,000 current and former students, employees, and faculty.

The data breach is thought to be the largest of its kind at an American college or university.

The breach first occurred in October 2005 but was not detected until November 2006, when it was blocked, according to a statement by UCLA's acting chancellor Norman Abrams.

The stolen information varies in content, but in many cases includes names, addresses, dates of birth, and Social Security numbers.

Despite the extraordinary duration of the hacker intrusion and the amount of information stolen, Abrams insisted there was no indication that the information had been used for identity theft or fraud as of yet.

He did not say why, in his opinion, hackers would steal the data if they did not intend to use it.

The hackers' attack involved targeting a single specific database using techniques to target Social Security numbers in particular, said UCLA's chief information officer Jim Davis.

The database even contained information on applicants who did not attend UCLA as well as parents of applicants seeking financial aid, going back as far as a decade.

Davis did not explain why the university had so much information and held it for so long.

Universities are increasingly prime targets for data thieves due to the huge amounts of information they amass on their students, often collected and organized by Social Security number.

College students also represent attractive targets for credit card fraud, since they have relatively unblemished credit histories and are swamped with solicitations for credit from the moment they step on campus.

Ohio University formerly held the dubious honor of being "Data Breach Central" after a breach at one of its health centers was revealed to be the latest in a series of intrusions that exposed the personal information of hundreds of thousands of students, faculty, and employees.

The breaches led to the firings of two administrators in Ohio University's IT department, who contested the moves and blamed the university management for failing to implement security procedures they devised to prevent such breaches.

Not long after the Ohio University breach, Sacred Heart University, in Fairfield, Connecticut, was hit with a hack attack. Like UCLA, Sacred Heart had been collecting data on applicants as well as attendees, and even students who filled out information at job fairs and exam testing services.

Last year, San Diego resident Eric McCarty exploited a vulnerability in the University of Southern California's (USC) online application site to gain access to the applicant database. McCarty, a former network administrator, used his expertise to circumvent the database's password protection and copy an undisclosed number of students' Social Security numbers.

McCarty was later arrested and pleaded guilty to a felony charge of unauthorized computer access.

Report Your Experience
If you've had a bad experience -- or a good one -- with a consumer product or service, we'd like to hear about it. All complaints are reviewed by class action attorneys and are considered for publication on our site. Knowledge is power! Help spread the word. File your consumer report now.

Share		Follow us on Twitter.

FREE CONSUMER NEWSLETTERS
The Daily Consumer Afternoons M-F Sign up now!	Consumer News & Alerts Every Sunday Sign up now!

CONSUMER NEWS

ConsumerAffairs.com on Facebook

SAFETY RECALLS

MOST-VIEWED PAGES

NEW COMPLAINTS

Allied American Warranty
Battery Doctors
Dollar Tree
Robert Zitofsky, DDS, West Haverstraw, NY
Country Lane Pups, Purdy, MO
Bayport Credit Union
Valley View Bank, Overland Park, KS
Victory Nissan, Chesapeake, VA
Victory Nissan, Richmond, VA
Napleton Chrysler Jeep Dodge, Kissimmee, FL

Back to the top |

Custom Search

AUTOMOTIVE
• Dealers
• Manufacturers
• Service
• Extended Warranties
• Lemon Laws
• Recalls
• Tires
• Transporters

FAMILY
• Aging
• Children, Parenting
• Recalls
• Dating
• Education
• Entertainment
• Pets
• Weddings

FINANCE
• Annuities
• Banks
• Credit Cards
• Debt Collection
• Debt Counseling
• Insurance
• Investing
• Loans
• Mortgages
• Payday Loans
• Student Loans
• Tax Prep

HEALTH
• Doctors
• Drugs, Pharmacies
• Health Clubs
• Hearing Care
• Hospitals
• Nursing Homes
• Nutrition, Diets
• Vision Care
• Weight Loss

HOUSE & HOME
• Appliances
• Cookware
• Furniture
• Home Improvements
• Lawn & Garden
• Movers
• Pools & Spas
• Realtors, Rental Agents
• Recalls
• Utilities

ELECTRONICS
• Cable TV/DBS
• Cameras
• Cell Phones
• Computers
• Home Electronics
• Internet Access
• Local Phone Service
• Long Distance
• VoIP

SHOPPING
• In-Home
• Online
• Retail Stores
• Sporting Goods
• Supermarkets
• Telemarketers

TRAVEL
• Airlines
• Bus Lines
• Car Rental
• Cruises
• Hotels
• Travel Agents
• Trains

RESOURCES
• Class Actions
• Complaint Form
• Small Claims Guide
• Lemon Laws

CONSUMER NEWS
• Latest News
• Automotive
• Telecom
• Financial
• Health
• Homeowners
• Scams
• Seniors
• Travel
• More ...

RECALLS
• Automotive
• Children's Products
• Drugs
• Food
• Household Products
• Sporting Goods

ABOUT US
• FAQ
• Privacy Policy
• Advertise With Us
• Newsroom
• Syndication
• Terms of Use

Terms of Use Your use of this site constitutes acceptance of the Terms of Use

Advertisements on this site are placed and controlled by outside advertising networks. ConsumerAffairs.com does not evaluate or endorse the products and services advertised. See the FAQ for more information.

Company Response Welcome If complaints about your company appear on our site, we welcome your response. Please see the Response Form for more information.

For more information, see the FAQ and privacy policy. The information on this Web site is general in nature and is not intended as a substitute for competent legal advice. ConsumerAffairs.com Inc. makes no representation as to the accuracy of the information herein provided and assumes no liability for any damages or loss arising from the use thereof.