Tens of thousands of current and former people affiliated with the UC Berkeley are being notified of a computer attack that poses a risk to their personal information.
University officials said the attack occurred in late December 2015 when one or more people gained access to computers that are part of the Berkeley Financial System.
The system is used for purchasing and non-salary payments, such as student financial awards and work-related travel reimbursements.
Investigators completed compiling the names and contact information for those affected Thursday.
No evidence exists that an unauthorized person accessed, acquired or used any personal information such as Social Security and bank account numbers at risk in the attack.
But university officials said they want those affected to be alert to signs of misuse.
The university is paying for a year of free credit monitoring and identity theft insurance as well as resources to help the individuals monitor
their accounts for suspicious activity.
The people who gained access to the university financial system got in through a security flaw the university was in the process of patching.
University spokesperson Janet Gilmore said the flaw was repaired early last month.
University officials said they have notified the police and the FBI of the attack.
Gilmore said technology experts are moving quickly to patch all critical systems and the university is consulting with security experts to
add more protection to its computer systems.
The people affected include about 57,000 current and former students, about 18,000 former and current employees and about 10,300 vendors.
The numbers add up to more than 80,000 because some people may be in two or more categories, university officials said.
The Social Security numbers or bank account numbers of vendors were used to make payments to the vendors.
About 50% of current students and 65% of current
employees are at risk.
Campus officials said they took action less than 24 hours after the attack occurred.