According to Ken Orgill, assistant vice chancellor for IT services and campus CIO, there is no evidence the data was accessed.
The server was immediately taken offline after the incident, which occurred in late February, UCSF officials said in a statement emailed to SC Magazine.
The server contained names, Social Security numbers, and in some cases, banking information, of employees, students, and contractors who did business with the university. The system, which resides in the campus data center, did not contain patient data.
"New security protocols and internal procedures have now been put in place to prevent a similar situation in the future," campus officials said.
Earlier this week, UC Berkeley Chancellor Robert Birgeneau promised to improve data security in the wake of the theft of a campus laptop containing personal data of 98,000 graduate students, alumni and applicants.