UCSD
CAMPUS NOTICE
University of California, San Diego

OFFICE OF THE CONTROLLER

May 6, 2004

ALL ACADEMICS AND STAFF AT UCSD (including UCSD Healthcare)
ALL STUDENTS AT UCSD

SUBJECT: Computer Security Incident on UCSD Campus

Business and Financial Services (BFS) is in the process of notifying
approximately 380,000 individuals that computer intruders may have illegally accessed computers storing their private information. A web server and three workstations containing names, Social Security numbers and/or driver's license numbers were breached. Included in the total approximate number of individuals impacted by this illegal intrusion are 2,400 current and former faculty, 1,400 current and former staff, and 178,000 current and former students. An additional 198,000 individuals who applied to UCSD but were never enrolled are also among those being notified.

While there was evidence on one computer that an unauthorized intruder was using disk space for DVD storage, there were no indications on any of the machines that the private information had been accessed or stolen. Regardless, we have taken the precautionary step of mailing notification letters to all affected individuals. This notification process began on Wednesday, May 5. Given the large number of individuals involved and our desire to obtain accurate mailing addresses, we expect the process to take two to three weeks. To assist us in spreading the word, the University Communications Office is sending a press release to news media across the state informing them of the incident.