UCSF Reports Possible Breach in Computer Security, Establishes ID Theft Hotline

SAN FRANCISCO – The University of California, San Francisco (UCSF) is notifying students, faculty and staff that their personal information may have been accessed by an unauthorized party due to a possible compromise in security of a computer server. The server did not contain any patient names or patient information.

There is no evidence at this time that any specific information was accessed, according to Randy Lopez, co-chief information officer for the Office of Academic and Administration Information Systems.

As a precautionary measure, the University is contacting about 46,000 individuals to alert them to look for signs of identity theft and advise them of steps to protect personal information. The contact list is comprised of students, faculty, and staff associated with UCSF or UCSF Medical Center over the past two years.

Data on the server included names, social security numbers and bank account numbers used for electronic payroll and reimbursement deposits. The server resides in the UC System-wide data center. The incident was identified in late March, and the server was immediately taken off-line.

The University is committed to maintaining the privacy of personal information. UCSF and the University of California Office of the President are conducting an investigation of this incident, including what types of information, if any, were compromised and how computer security can be improved. The FBI has been notified and will be involved in the investigation. Also, UCSF is hiring a company that specializes in electronic security to provide a thorough audit of its security practices, and the findings of that audit will be reported as they become available.

In addition, UCSF has established a website and hotline number in response to the compromise in security.

Those who determine that their accounts have been misused or that an account has been fraudulently established using their identity should contact the UCSF Police Department at (415) 476-1414 and their personal bank and credit agencies.

Those who have questions about this matter, should contact the UCSF Enterprise Information Security hotline at (415) 353-8100 or by email at isecurity@ucsf.edu. More information is provided at the following website.


UCSF press release

If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century

This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!

Get Our Newsletters
Campus Safety Conference promo