Routine maintenance of UC Berkeley's health services center computers in April revealed a break-in. Hackers had come in through an open, public part of the system and then broke into a database with names and Social Security numbers.
"We have 97,000 Social Security numbers on the records, but there are 160,000 names in the system, so we're notifying everyone of the breach," Associate Vice Chancellor for Information Technology Shelton Waggener said.
Waggener says e-mails and letters went out Friday.
The stolen records date back to 1999 and include Mills College students who used UC Berkeley's health services.
The system was shut down on April 8 after the hackers left taunting messages for the system administrators. It took until now to decipher exactly what had been stolen.
Waggener says the hackers would need more than what they got for a complete ID theft.
"The Social Security number is there and the name is there but that isn't enough in and of itself to do much with because there was no financial information, no bank account numbers, no credit card numbers, none of that," Waggener said.
No medical records were taken.
"What we've noticed is they were after identity information and not medical information," Associate Vice Chancellor for Health and Human Services Steve Lustig said.
The university says it is not known if any of the data has been used by the hackers.
"I was concerned, but as a student there's not a lot I can do about it," freshman Alex Ouligian said.
Ouligian got his e-mail letter Friday, he has not yet told his parents.
Berkeley says early indications are the hackers are from Asia. The FBI is doing a criminal investigation.
For more information, people can call: 888-729-3301 or go to http://datatheft.berkeley.edu/