| Frequently Asked Questions
Q: How was my personally identifiable data potentially
compromised?
A: On Monday, August 15, 2005, computers
at the California State University Office of the Chancellor
were infected with a computer virus. In the short time between
when the virus was detected and the fix (or patch) was deployed,
monitoring indicated that the computer assigned to a financial
aid administrator may have experienced unauthorized access.
The names and Social Security Numbers of 152 individuals who
received financial aid, and the names and Social Security
Numbers of two financial aid administrators, were included
in the files on the computer.
Q: Why was my information on that particular computer?
A: The computer in question is used
by an employee who routinely works with records related to
the receipt of student financial aid and the administration
of student financial aid programs. While files do not typically
have names associated with identification numbers, there were
a limited number of working files associated with reviews
of CSU financial aid policies and programs that contained
names and Social Security Numbers
Q: Do you know if my information was stolen?
A: There is no evidence that any
of the information housed on this computer was accessed or
that any identity theft has occurred. However, out of caution,
and because of the potential that your information was accessed
by unauthorized persons, you are being informed of the incident
in accordance with California law.
Q: What should I do?
A: CSU cannot advise you what to
do. However, we recommend that you initiate a free fraud alert
with one of the credit bureaus as detailed in the letter sent
with this question-and-answer sheet. Should you notice unauthorized
charges or accounts opened in your name, consider reporting
the incidents to a law enforcement agency.
Q: Will CSU pay for additional credit checks?
A: No. Subsequent credit checks,
should you decide they are in your best interest, are an individual
responsibility.
Q: What is CSU doing to prevent this problem from reoccuring?
A: The CSU Chancellor’s Office
is in the process of strengthening procedures for storage
of unencrypted, personally identifiable data on all computers
and servers.
Q: Will I hear anything else from the CSU regarding
this incident?
A: CSU will not contact you further
about this incident. Any call claiming to be from CSU and
asking you for follow-up information, such as a verification
of your Social Security Number or account information, should
be treated with suspicion.
|
