UC Among Targets in Nationwide Cyberattack
by UC Office of the President march 31, 2021
UC has learned that it, along with other universities, authorities agencies and private companies throughout the country, was recently subject to a cybersecurity attack. The attack involves the utilize of Accellion, a vendor used by many organizations for secure file transfer, in which an unauthorized individual appears to hold copied and transferred UC files by exploiting a vulnerability in Accellions file transplant service.
From UC Davis: IT Leaders direct Cybersecurity Attack
Protecting yourself and UC
5 rules to protect your online security
Upon learning of the attack, UC immediately reported the incident to federal law enforcement, took measures to contain it and began an investigation. At this time, we believe this round affected only the Accellion system and did not compromise other UC systems or networks.
UCs investigation includes a review of the files we believe may make been copied and transferred as division of this attack. Upon culmination of our review, we should live able to improve assess the data and individuals impacted. Once we can distinguish affected individuals, we will notify them and supply information regarding additional next steps.
We see those behind this assail have published online screenshots of personal information, and we will notify members of the UC community if we believe their data was leaked in this manner.
Watch out for suspicious emails
We believe the person(s) behind this attempt are sending threatening mass emails to members of the UC community in an endeavor to daunt people into giving them money. The message states:
Your personal data has been stolen and will live published
By their nature, these kinds of attacks are very broad and somewhat imprecise. Accordingly, some UC community members receiving these threatening emails will not experience had their data compromised, piece other community members with compromised data may not have any email.
Anyone receiving this content should either forward it to your local information security office or simply delete it. At UC Davis, send to firstname.lastname@example.org.
Protecting yourself and UC
We remind all members of the UC community to not click on links or open attachments unless you experience and trust the sender.
In addition, you may care to take the following steps to protect your information:
Consider taking additional identity theft measures described here.
Place a fraudulence alert with one of the three nationwide credit bureaus: Equifax, TransUnion or Experian.
Place a security halt on your credit story by qualification a asking to the three credit bureaus.
UC regards the secrecy of all its community members with the utmost seriousness. We will update the UC community as we are able to expose additional information.