University of California, Berkeley

On December 12, 2014, the California Office of the Attorney General disclosed a data breach at the University of California, Berkeley, originating from an unauthorized server access on September 16, 2014. The incident exposed sensitive personal information of unspecified individuals, including names, Social Security numbers, credit card details, and driver’s license numbers. The breach compromised financial and personally identifiable data, posing risks of identity theft, financial fraud, and reputational harm to affected individuals. While the exact number of victims was not specified, the exposure of such high-value data particularly Social Security and financial records elevated the severity of the incident. The university likely faced regulatory scrutiny, potential legal liabilities, and erosion of trust among students, faculty, and stakeholders. The breach underscored vulnerabilities in the institution’s cybersecurity infrastructure, necessitating remediation measures to prevent future intrusions.

Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-47717

TPRM report: https://www.rankiteo.com/company/university-of-california-berkeley

"id": "uni1013090725",
"linkid": "university-of-california-berkeley",
"type": "Breach",
"date": "9/2014",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 'unspecified individuals',
                        'industry': 'Higher Education',
                        'location': 'Berkeley, California, USA',
                        'name': 'University of California, Berkeley',
                        'type': 'Educational Institution'}],
 'data_breach': {'personally_identifiable_information': ['names',
                                                         'social security '
                                                         'numbers',
                                                         "driver's license "
                                                         'numbers'],
                 'sensitivity_of_data': 'high',
                 'type_of_data_compromised': ['personal information',
                                              'financial information',
                                              'identification information']},
 'date_detected': '2014-09-16',
 'date_publicly_disclosed': '2014-12-12',
 'description': 'The California Office of the Attorney General reported a data '
                'breach involving the University of California, Berkeley, on '
                'December 12, 2014. The breach occurred on September 16, 2014, '
                'and involved unauthorized access to servers, potentially '
                'exposing personal information such as names, social security '
                "numbers, credit card numbers, and driver's license numbers of "
                'unspecified individuals.',
 'impact': {'data_compromised': ['names',
                                 'social security numbers',
                                 'credit card numbers',
                                 "driver's license numbers"],
            'identity_theft_risk': 'high',
            'payment_information_risk': 'high',
            'systems_affected': ['servers']},
 'references': [{'source': 'California Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': ['California Office of '
                                                        'the Attorney '
                                                        'General']},
 'title': 'University of California, Berkeley Data Breach (2014)',
 'type': 'Data Breach'}