UC has learned that it, along with other universities, government agencies and private companies throughout the country, was recently subject to a cybersecurity attack. The attack involves the use of Accellion, a vendor used by many organizations for secure file transfer, in which an unauthorized individual appears to have copied and transferred UC files by exploiting a vulnerability in Accellion’s file transfer service.
Upon learning of the attack, UC immediately reported the incident to federal law enforcement, took measures to contain it and began an investigation. At this time, we believe this attack affected only the Accellion system and did not compromise other UC systems or networks.
UC’s investigation includes a review of the files we believe may have been copied and transferred as part of this attack. Upon completion of our review, we should be able to better assess the data and individuals impacted. Once we can identify affected individuals, we will notify them and provide information regarding additional next steps.
We understand those behind this attack have published online screenshots of personal information, and we will notify members of the UC community if we believe their data was leaked in this manner.
Watch out for suspicious emails
We believe the person(s) behind this attack are sending threatening mass emails to members of the UC community in an attempt to scare people into giving them money. The message states:
“Your personal data has been stolen and will be published”
By their nature, these kinds of attacks are very broad and somewhat imprecise. Accordingly, some UC community members receiving these threatening emails will not have had their data compromised, while other community members with compromised data may not receive any email.
Anyone receiving this message should either forward it to your local information security office or simply delete it. At UC Davis, send to email@example.com.
Protecting yourself and UC
We remind all members of the UC community to not click on links or open attachments unless you know and trust the sender.
In addition, you may wish to take the following steps to protect your information:
- Consider taking additional identity theft measures described here.
- Place a fraud alert with one of the three nationwide credit bureaus: Equifax, TransUnion or Experian.
- Place a security freeze on your credit report by making a request to the three credit bureaus.
UCOP has posted five rules to protect your online security. Here is a quick summary:
- Think before you click — Criminals are experts at making phishing emails as convincing as possible.
- Protect your passwords — Your old tricks for setting and storing your passwords may no longer be up to the task.
- Protect your devices — For many of us, our homes are now our offices. Keep your devices as secure at home or on the road as you would in the office.
- Protect your files — Make sure important information is stored securely, in a physically separate location from the originals, and test your backups periodically.
- If it’s suspicious, report it! — Report suspected scams and other suspicious activity to your local information security office. At UC Davis, contact firstname.lastname@example.org.