IT staff discovered the problem in August and shut down the affected server.
Kim Nava with Sacramento State says since then, the university has been looking into which employees might have had their information stolen.
"It took a long time, not only for the university to investigate what the problem might have been, but whether or not anyone might have been affected and if so who those individuals might be."
The university sent letters to about 1,800 employees this week about the possible breach and how to protect themselves from identity theft.
Nava says so far, the university has not learned of any cases of identity theft stemming from the computer hacking.