FBI investigating computer system security breach

The San Jose field office of the FBI is investigating a security breach of the Career Development Center's computer system that took place earlier this month.

"On May 11, 2005, the Career Development Center's computer system was improperly accessed from outside of the Stanford network," said university General Counsel Debra Zumwalt. The system contained client records and recruiter records of those who have registered with the center from 1996 through the present. Client records (records of people seeking employment through the Career Development Center) generally include a person's name, resume, letters of recommendation and Social Security number. The database of client records did not contain any financial, credit card, driver's license or other governmental identification information. In some instances, recruiter records contained a credit card number, but no other confidential information.

Although there is no evidence that any particular records were actually acquired during the intrusion, the university is taking steps to notify clients whose Social Security numbers were included in the database and recruiters that had provided credit card numbers to the Career Development Center. Client notification letters were mailed on Monday and recruiter notification letters are being mailed this week, as quickly as officials are able to gather information. In total, approximately 9,600 clients and 300 recruiters are being notified.

Upon learning of the improper access, the university temporarily disabled the career center's system and reported the incident to the FBI.

"Protection of confidential information is a high priority of Stanford," Zumwalt said. "And since this incident, we have been working to understand this breach of our system and ways to prevent a reoccurrence."

Lance Choy, director of the center, added, "Our mission is to facilitate the career development of our clients and to enhance their Stanford experience, and we deeply regret any inconvenience caused by this event."

Those seeking more information about this matter should review the frequently asked questions posted at http://www.stanford.edu/dept/legal/recent/index.html. For information about identity theft, visit http://idtheft.gov/.