A UCSF computer server containing confidential information on about 46,000 people may have been hacked into, the University warned today. And the word is "may" - UCSF (University of California, San Francisco) says that there is no evidence "at this time" that any specific information was accessed.

The server lives in the UC System-wide data center and was taken offline immediately, when "the incident" as UCSF is dubbing this, was discovered last month. It contained the names, social security numbers and bank account details of students, faculty and staff associated with UCSF or UCSF Medical Center over the last two years.

UCSF is contacting people on the list to warn them to look out for identity theft and to advise them how to protect personal information. This is a bit rich, considering it was UCSF that failed to protect the personal information in the first place.

The University and the University of California Office of the President are investigating the incident and they are also calling on the FBI. UCSF is hiring a company to audit security procedures, and it says it will publish the findings.

Need to know more? Here is the UCSF hotline - 415-353-8100 , the email address for inquiries - isecurity@ucsf.edu, and for good measure check out the advisory website here (http://oaais.ucsf.edu/notice). ®

Related stories

US school cheat hack suspect faces 38 years jail (19 June 2008)
http://www.theregister.co.uk/2008/06/19/teen_school_hack_charges/
Hack database, change school grades, go to jail for 20 years (maybe) (5 November 2007)
http://www.theregister.co.uk/2007/11/05/fresno_uni_database_hack_charges/
IBM courier crashes. Sensitive tapes go AWOL (15 May 2007)
http://www.theregister.co.uk/2007/05/15/ibm_missing_tapes/
Roche exposes medical details on website (11 May 2007)
http://www.theregister.co.uk/2007/05/11/roche_exposes_medical_details/
Feds urge tougher ID theft laws (24 April 2007)
http://www.theregister.co.uk/2007/04/24/id_theft_plan/
How much do security breaches cost anyway? (12 April 2007)
http://www.theregister.co.uk/2007/04/12/breach_cost_estimate/
Data disposal: Every action leaves a trace (11 April 2007)
http://www.theregister.co.uk/2007/04/11/secure_data_deletion/
Georgia on the mind of three million after CD loss (11 April 2007)
http://www.theregister.co.uk/2007/04/11/georgia_data_loss/
Laptop thefts expose 40,000 Chicago teachers (9 April 2007)
http://www.theregister.co.uk/2007/04/09/chicago-teachers_security_breach/
TJX lost up to 45.6m card numbers (29 March 2007)
http://www.theregister.co.uk/2007/03/29/tjx_credit-card_debacle/
Account pretexters plague Xbox Live (23 March 2007)
http://www.theregister.co.uk/2007/03/23/xbox_live_pretexting/
Hacker steals crucial data from French Prez candidate (5 March 2007)
http://www.theregister.co.uk/2007/03/05/french_candidate_hacked/
Europeans fear data loss disaster (19 February 2007)
http://www.theregister.co.uk/2007/02/19/it_risk_survey/