Following a nationwide data breach, UC Berkeley community members reported that their personal information, namely Social Security numbers, was detected on the dark web.
As one of the 300 organizations impacted by the cyberattack on Accellion’s File Transfer Appliance, a vendor service used to transfer sensitive information, the UC system and UC Berkeley provided protection guidelines for community members’ personal information. Currently, the UC system is investigating the incident with local and federal law enforcement and third-party vendors.
The UC system advised individuals to sign up for credit monitoring and identity theft protection with Experian, which is free for UC community members for a year. Through Experian, UC Berkeley community members received alerts that their Social Security numbers were found on the dark web, according to a campus press release.
In addition to Social Security numbers, other information believed to be stolen includes email addresses, phone numbers and home addresses.
Jenn Stringer, campus associate vice chancellor for information technology and chief information officer, noted in the press release that those who have not signed up for the monitoring “should sign up now.” Stringer also advised individuals to follow instructions from Experian and to continue checking alerts from the service.
“The alerts provide you with important and specific information that you should then act on to help protect your credit and identity,” said Anthony Joseph, campus engineering professor and an expert in cybersecurity, in the press release. “The sooner you are notified, and take action, the better.”
Stringer and Joseph provided further recommendations in the press release. For those who were notified that their Social Security numbers were found on the dark web, individuals should create a my Social Security account, sign up for free credit reports, check bank and credit card accounts daily, create a fraud alert on credit accounts, consider a credit freeze and report Social Security number theft.
Additionally, campus community members were encouraged in the press release to report suspicious emails or telephone calls to the IT staff.