• United States



by Dave Gradijan

Data Breach at UCLA Exposes Records on 800,000

Dec 12, 20063 mins
CSO and CISOData and Information Security

A data breach at the University of California, Los Angeles (UCLA) has exposed records containing personal information—including some names, Social Security numbers and birth dates—on roughly 800,000 current and former students and faculty members, as well as a number of people who applied to the school during the past five years but never ended up attending, reports.

Some information on parents of students or applicants who filed for financial assistance was also compromised, according to

Hackers began their attempts to crack the UCLA database in October 2005, and they were blocked on Nov. 21 when computer security representatives with the university noticed suspicious search queries on the database and realized attacks were being perpetrated, reports.

Acting UCLA Chancellor Norman Abrams said in a letter expected to be distributed to potentially affected parties today that the Social Security numbers of some individuals were indeed accessed, but there is currently no evidence to suggest the information has been put to illegal use, according to

The UCLA breach is the most recent in a long line of data breaches over the past few years at colleges or universities, banks, government agencies and data collection firms, among others.

Jay Foley, Identity Theft Resource Center executive director, told that schools like UCLA are becoming common targets for hackers looking to harvest ID theft-related information.

“Universities tend to have a lot of information floating around in a lot of different places,” Foley said, according to “They are places we send our children to share ideas, and it’s hard to mix the open sharing of ideas with the need to tighten down on security.”

In 2003, San Diego State’s financial aid system was breached when a hacker employed an old computer network in the school’s drama department to access information—including Social Security numbers—on some 200,000 people, reports.About two years later in 2005, a USC database was hacked and records on roughly 270,000 people were exposed, according to

Foley and others who spoke with call the recent UCLA breach “among the largest at an American college or university.”

Some 29 security breaches at U.S. colleges during the first half of 2006 exposed records on approximately 845,000 people, reports.

A website has been launched by UCLA to provide information to potentially affected people, as well as a call center that can be reached at (877) 533-8082.

Related Links:

Keep checking in at our CSO Security Feed page for updated news coverage.

-Compiled by Al Sacco