UC Berkeley Press Release
UC Berkeley police investigating theft of laptop containing grad student ID data
BERKELEY – University of California, Berkeley, police are investigating the theft of a campus laptop computer that contained files with the names and Social Security numbers of more than 98,000 individuals, mostly graduate students or applicants to the campus's graduate programs.
The computer was stolen March 11 when an individual entered a restricted area of the Graduate Division offices that was momentarily unoccupied. A campus employee saw the individual leaving with the laptop and contacted campus police. The case remains under investigation.
The stolen computer contained information on most individuals who applied to graduate school at UC Berkeley between fall 2001 and spring 2004 (except law school students in the JD, LLM, and JSD programs); graduate students who registered at UC Berkeley between fall 1989 and fall 2003 (including law school students in the JD, LLM, and JSD programs); recipients of doctoral degrees from 1976 through 1999 (excluding law school students in the JD program); and other small groups of individuals. Approximately one-third of all of the computer's files contained dates of birth and/or addresses in addition to Social Security numbers and names.
At this time the campus has no evidence that personal data were actually retrieved or misused. However, in accordance with state law, UC Berkeley officials are making every reasonable effort to notify by mail or e-mail all 98,369 individuals whose names and Social Security numbers were on the computer and, as a precaution, suggest they consider placing a fraud alert on their credit reporting accounts.
However, because some files go back three decades, officials may not find current addresses for every name on the list. The campus has created a special website for individuals who are concerned that their information may have been on the stolen computer: idalert.berkeley.edu. The web site contains helpful phone numbers, information on next steps to take, and links to credit reporting agencies.
The Graduate Division oversees graduate admissions, educational programs, financial aid, outreach and other services for the campus's graduate programs.
The Social Security numbers were used to identify and track individual students, a customary practice within the educational research community, which uses these numbers to access historical information regarding students.
The Graduate Division has already taken additional steps to prevent such theft of sensitive data from happening again. It is deploying encryption software on those few computers that contain Social Security numbers. Building security has been increased, and the Graduate Division is working vigorously to review and implement staff training for protection of personnel and property.
The office has also set up a toll-free number and e-mail account to answer specific questions not addressed on the website: 1-800-372-5110 and idalert@berkeley.edu.
For several years University of California systemwide policy and UC Berkeley campus policy have required that restricted information stored on portable equipment be protected to safeguard the data if the equipment is lost or stolen. Since fall 2004, the UC systemwide policy has required encryption of such portable data, and campus units are in the process of moving toward full compliance with this new policy.