In 2005, Summer received an e-mail from the University of California at Berkeley informing her that their database had been hacked and that her personal information had been stolen. The stolen information included Summer’s date of birth, her address, credit card information, and her social security number.
Soon, Summer discovered that a thief made fraudulent charges to one of her credit cards. She immediately closed her Wells Fargo credit card and checking accounts and opened new ones. The bank promptly removed the fraudulent charges from her credit card account.
Soon after the thief made the fraudulent charges, Summer put a fraud alert on her credit report through a credit bureau. The credit bureau told her that no new accounts would be opened without the bureau calling her to confirm them and would prevent her from receiving additional credit card offers. As far as Summer knows, the fraud alert worked. However, she still received credit card offers in the mail.
Summer called the University of California at Berkeley to see if the university offered assistance to victims. The person she spoke with offered no help, other than directing Summer to a for-profit credit monitoring company whose services she was already using.
In November 2006, more fraudulent charges appeared on an American Express card account which had been listed in UC Berkeley’s database. American Express removed the charges from her account.
On December 12, 2006 Summer received an e-mail about another security breach, this time at the University of California at Los Angeles (UCLA). Summer had applied for graduate studies there but had never attended. UCLA was much more helpful than Berkeley, directing Summer to a hotline and a website created after the breach. There have been no fraudulent charges related to the UCLA breach.
“I can’t help but feel these institutions, which collect our personal information, should be more responsible for safeguarding it,” Summer told Consumers Union, “With the UC Berkeley incident, I couldn’t help but feel absolutely left alone to deal with their incompetence. I hope that universities can become more accountable for the mismanagement of personal information.”