Dennis Culver reports:
California State University officials said today the university’s East Bay information security team has discovered a breach in a web server used to store personal employee information.
Officials said the security breach occurred on Aug. 23, 2013 and was discovered Aug. 11 of this year. The university learned through the subsequent investigation an unknown person broke into a university web server used to store various employment transaction records and some extended learning course information.
Officials said a malicious software tool allowed an unauthorized person to copy a data file containing the full names, addresses and Social Security numbers of 6,036 individuals. The birth dates of 508 individuals were also on the data file.
Read more on SFBay.
A template of the notification letter sent to employees was submitted to California’s Attorney General, and is viewable here (pdf).