The University of California – Santa Barbara has sent out an update to a breach alert it sent out in July after some employees reported possible check fraud involving their personal checking accounts.
In a letter posted on the California Attorney General’s website today, Jim Corkill, Director of Business and Financial Services writes:
Our investigation recently identified unauthorized access to some archival payroll data that included first and last names, social security numbers and direct deposit banking information. We are notifying all employees whose information was potentially subject to unauthorized access so you can be alert to the possible misuse of your personal information. We are sending this message at the earliest possible date so as not to hinder the ongoing criminal investigation of this matter. We deeply regret that any of our community members were affected by this unauthorized access. We are fully committed to working with anyone who may have been affected by this incident, and we will help to resolve any possible unexpected financial issues in the future.
[…]
As additional background, beginning in April, the University noticed an increase in the number of employees with direct deposit reporting check fraud on personal bank accounts. The University started a review of its processes and sent a message to the community to request assistance and aid in our investigation that resulted in the discovery of the unauthorized access to archival payroll data. The fraudulent checks were passed at retail establishments in amounts that were generally in the range of $50 to $100, and our employees have informed us all of these charges were reversed.
The University is offering the employees credit monitoring and credit restoration services through ID Experts.
An FAQ on the incident provides additional details:
Current information indicates the unauthorized access mainly impacts UCSB employees who were on payroll as of November 2013. The unauthorized access also impacts some, but not all, employees who separated from UCSB during the 2013 calendar year. Notification letters have been sent to the affected individuals.
In response to the incident, the university is strengthening storage and security processes, and also considering what data can be omitted from future archival records.
You can read their full notification letter here. Although this sounds like a hacking incident, the letter doesn’t actually state that this was a hacking incident.