University of California, San Diego
May 6, 2004
ALL STUDENTS AT UCSD
Business and Financial Services (BFS) is in the process of notifying approximately 380,000 individuals that computer intruders may have illegally accessed computers storing their private information. A web server and three workstations containing names, Social Security numbers and/or driver's license numbers were breached. Included in the total approximate number of individuals impacted by this illegal intrusion are 2,400 current and former faculty, 1,400 current and former staff, and 178,000 current and former students. An additional 198,000 individuals who applied to UCSD but were never enrolled are also among those being notified.
While there was evidence on one computer that an unauthorized intruder was using disk space for DVD storage, there were no indications on any of the machines that the private information had been accessed or stolen. Regardless, we have taken the precautionary step of mailing notification letters to all affected individuals. This notification process began on Wednesday, May 5. Given the large number of individuals involved and our desire to obtain accurate mailing addresses, we expect the process to take two to three weeks. To assist us in spreading the word, the University Communications Office is sending a press release to news media across the state informing them of the incident.
If you do not receive a notification and are concerned that you could have been affected, please take one of the following actions:
* Consult the incident web site, http://idalert.ucsd.edu
* Send any questions you may have about your private information to
* Contact the Telephone Call Center with specific questions about your
We sincerely regret that this illegal intrusion has occurred, and we have taken immediate steps to significantly strengthen our security against potential future attacks. We have also referred this incident to local law enforcement agencies for investigation.