No Transparency in Administrative Delay to Inform Students of Cyber Attack

Mar 2, 2016
No Transparency in Administrative Delay to Inform Students of Cyber Attack

In late December, the UC Berkeley Financial System was breached and the personal information of approximately 80,000 students, faculty staff and vendors was accessed. This is not a shock in today’s age of cyber insecurity. However, what’s surprising is that UC Berkeley officials abstained from notifying victims of the attack until just last Friday, meaning that two whole months passed in which the students’ finances could have been used without their knowledge. This is a chilling possibility.

And according to SF Gate, officials claim there is no evidence that the parties responsible for the attack copied any of the information. This may sound reassuring, but it’s equivalent to a child asserting that there is no evidence she dropped your toothbrush in the toilet, despite it dripping and you definitely hearing a splash. You can’t prove it, but the danger is pretty clear.

The university is now urging victims through email to keep an eye on their bank accounts while offering a credit protection service free of charge. But, as mentioned earlier, it could be too late. So what compelled the administration to withhold this information and leave its constituents at risk?

Some argue that leaking to the public the fact that they were breached could put their system at even greater risk than not doing so.

If, for example, a patch was left open on the system, letting everyone know right away before it was closed could have potentially presented an opportunity for other cyber attackers to exploit the system while it was vulnerable. Similar to a disease outbreak, the public knowing too little information could be more beneficial than knowing too much of it. Senior Director of Strategic Communications Janet Gilmore spoke to this point in an interview with the UCSD Guardian.

“With any cyber attack, it takes time to determine the scope of the attack, restore the integrity of the system [and] identify the individuals potentially affected,” Gilmore explained. “Once the university discovered the attack, it promptly hired an outside computer investigation firm to ensure the process could move along as quickly as possible and to help confirm that the attack was fully contained and the intruders expelled from the system.”

However, according to Mercury News, the intrusion was detected within 24 hours of it happening and the system was patched in early January, just a week or two later. That still leaves approximately a month and a half in which the victims could begin the process of tracking their accounts and protecting their credit but didn’t know they had a significant reason to.

Regardless, maybe we shouldn’t be shocked, as this isn’t the first time a cyber attack at the university went unannounced for a perplexing amount of time. Just last September, the campus’ server was breached, yet the public wasn’t notified until December. UC Berkeley’s system gets compromised as often as the students’ trust in its administration does — or at least what’s left of it.

We provide officials with all of our private and valuable information, confident that they’ll protect it from theft and third-party use, but their system fails and we have to merely accept that this is the era of technology that we live in. But then, when our information is accessed and potentially stolen, we, the sole owners of it, are not made aware of the new risk presented to our life until weeks or even months later.

With such a troubling situation happening twice in a mere six months, members of the UC community are growing tired of and possibly apathetic toward the lack of protection and communication from the administration. It is time that the university prioritizes this issue by allocating resources toward guarding our private information and promptly admitting when it fails to do so.

View Comments (1)
1
More to Discover
More in Editorials
UPDATED — Editorial: UC Regents must call for a ceasefire in Gaza
UPDATED — Editorial: UC Regents must call for a ceasefire in Gaza
Editorial: UC Regents must call for a ceasefire in Gaza
Editorial: UC Regents must call for a ceasefire in Gaza
UCSD Guardian Editorial Board: On Prof. Fletcher’s Comments and College Republicans at UCSDs Calls for His Suspension
UCSD Guardian Editorial Board: On Prof. Fletcher’s Comments and College Republicans at UCSD's Calls for His Suspension
A College-Student Journalists Disappointment with National Debate Coverage
A College-Student Journalist's Disappointment with National Debate Coverage
Editorial Board: A.S. Election Endorsements
Editorial Board: A.S. Election Endorsements
The Slate System Eclipses Candidates Platforms
The Slate System Eclipses Candidates' Platforms
More in Opinion
Image courtesy of Elena Mozhvilo on Unsplash
Submission: Reclaiming Earth Day from corporate greenwashing
Graphic by Marcella Barneclo
UCSD leaves multiethnic students in the shadows
Art by Michelle Deng for the UCSD Guardian
Submission: Doing Divestment Right
Art by Allen Chen for the UCSD Guardian
Texting is not good for your relationship
Art by Michelle Deng for the UCSD Guardian
The Ozempic epidemic in Hollywood
Submission: Honoring The Legacy of Cesar Chavez
Submission: Honoring The Legacy of Cesar Chavez
Donate to The UCSD Guardian
$210
$500
Contributed
Our Goal

Your donation will support the student journalists at University of California, San Diego. Your contribution will allow us to purchase equipment, keep printing our papers, and cover our annual website hosting costs.

The UCSD Guardian

The Student News Site of University of California - San Diego
© 2024 • FLEX Pro WordPress Theme by SNOLog in
Donate to The UCSD Guardian
$210
$500
Contributed
Our Goal

Comments (1)

All The UCSD Guardian Picks Reader Picks Sort: Newest

Your email address will not be published. Required fields are marked *