The University of California, Washington Center (UCDC) recently notified alumni of a breach involving their course pre-enrollment system. As a result of the June 7 attack on UCDC’s cloud-based provider, GoSignMeUp.com, alumni’s usernames, postal and email addresses, passwords, gender, date of birth, and courses taken were accessed.
The breach was discovered on June 9.
The school advised those affected to change their passwords, and said it was working with the provider to enhance security for user data.
DataBreaches.net e-mailed UCDC to inquire how the compromise of GoSignMeUp occurred and how many alumni were affected, but has not yet received any response.
DataBreaches.net also reached out to GoSignMeUp.com to inquire whether other clients were also affected or if the attack was confined to UCDC user data. They have not yet responded to the inquiry, either.
A copy of UCDC’s notification to the California Attorney General’s Office is available here (pdf).
This post will be updated if and when more information is available.