A database containing records, including names, addresses and Social Security numbers was attacked without the University's knowledge – it found out only after a journalist encouraged the establishment to check its database on 20 June.
USC said it does not know exactly how many individuals were affected by the breach, but it does not believe very much information was removed.
"There was not a sufficiently precise tracking capability," said Katharine Harrington, USC dean of admissions and financial aid in an interview with the Washington Post. "We are quite confident that there was no massive downloading of data."
The offending website has been taken down to improve its security and will be up and running again once new measures are implemented.
Because USC is in California it falls under Californian Senate Bill 1386, which means it must make public details of any security breach concerning personal information.
In June SC reported a server containing the personal data of 72,000 students, faculty, and staff at the University of Connecticut was breached by a hacker that exploited an vulnerability in its system.