MENU
Skip to content Skip to navigation

Chancellor Park on UCLA Database Breach

December 12, 2006




Dear UC Merced Faculty, Staff and Student Employees,

I am writing to notify you of a computer hacking incident of a restricted UCLA database that may involve your personal information. Evidence of the break-in was discovered Nov. 21, 2006, and computer security staff immediately shut down the server that holds information about UCLA’s current and some former students, faculty and staff, some student applicants and some parents of students or applicants who applied for financial aid. The database also includes current and some former faculty, staff and student employees at UC Merced. In addition, the personal information of current and some former employees of the UC Office of the President were included in the database.



Allow me to briefly explain why personal information of our current and some former faculty and staff is stored on a server at UCLA. As a small organization, it is currently cost prohibitive for our campus to manage the payroll and benefits system. With its significant computing capacity, UCLA instead does the administrative processing for the UC Merced campus as well as for the UC Office of the President.



The information stored on the affected database includes names and Social Security numbers, dates of birth, home addresses and contact information. It does not include driver’s license numbers or credit card or banking information.

While we are uncertain whether specific personal information was actually obtained, we know that the hacker sought and retrieved some Social Security numbers. I emphasize that we have no evidence that personal information has been misused.



As a precaution, UCLA is proactively notifying everyone whose information was in the database including current and former faculty, staff and student employees at UC Merced. Letters and e-mails are being sent this week to warn employees and students of the breach. In addition, UCLA established a Web site for more information at http://www.identityalert.ucla.edu. The site includes additional information on this situation, further suggestions for monitoring your credit and links to state and federal resources. If you have questions about this incident and its implications, you may also call UCLA’s toll-free call center at (877) 533-8082.



Although there is no evidence that an unauthorized person has obtained your personal information and is using it, there are some steps you can take to protect yourself. First, you may place a fraud alert with credit bureaus and/or periodically run a credit report to ensure accounts have not been activated without your knowledge. If you determine that an account has been fraudulently established using your identity, you should contact law enforcement and the financial agency. The following references provide additional information about identity theft:

· Federal Trade Commission Website on identify theft http://www.creditscore.net/additional-resources/fight-identity-theft/

· Social Security Administration fraud line at 1-800-269-0271

· Major Credit Bureau Numbers

o Equifax 1-800-525-6285

o Experian 1-888-397-3742

o Trans Union 1-800-680-7289

· Identify Theft Victim Checklist

 http://www.privacy.ca.gov/sheets/cis3english.pdf

Please be aware that dishonest people falsely identifying themselves as UCLA representatives might contact you and offer assistance. I have been assured that UCLA will not contact you by phone, e-mail or any other method to ask you for personal information. I strongly urge you not to release any personal information in response to inquiries of this nature.

I want to assure you that the University of California is committed to maintaining the privacy of student and employee information and is continually modifying its systems and practices to enhance the security of sensitive information.

I sincerely regret any inconvenience this breach presents to you.

Again, I encourage you to use the resources that have been developed specifically for this incident: UCLA’s toll-free call center at (877) 533-8082 and http://www.identityalert.ucla.edu.

If UC Merced employees have additional questions after visiting UCLA’s special Web site and calling the toll-free call center, they may contact Shylah Hamilton in UC Merced’s Business & Financial Services department at (209) 228-4074.


 Sincerely,

Roderic B. Park

Acting Chancellor

University of California, Merced