- Accellion-related cyberattack message from UCOP April 2 was real
- Employees can sign up for free credit monitoring and identity theft protection
- Also, monitor your bank accounts, watch for and report suspicious emails
UC Davis is assuring employees that the University of California email they received Friday (April 2) about a cyberattack on UC and many other institutions was real, and advising employees to take seriously the guidance offered to help safeguard their personal and financial information online.
The April 2 email followed other messages posted last week by UC Office of the President in response to the attack on Accellion, a vendor of software the university used to transfer sensitive information. The unknown hacker or hackers gained access to files and personal confidential information.
That data included but may not have been limited to names, birthdates, Social Security numbers and bank account information. The perpetrator or perpetrators have threatened to publicly post this information online, which would mean anyone could use the information to try to get credit in your name or to access your accounts.
UCOP officials in their April 2 email — posted in English and Spanish — stated: “We are working with local and federal law enforcement and third-party vendors to investigate this incident, to assess the information that has been compromised, to enforce the law and to limit the release of stolen information.
“We are alerting you now so you are able to take protective actions as we work to address the situation.”
The email announces the university’s offer of complimentary credit monitoring and identity theft protection to UC employees. The protection through Experian IdentityWorks lasts for one year and includes internet surveillance, identity restoration and $1 million in identity theft insurance.
Note: The IdentityWorks enrollment process asks for your name, birthdate, social security number, bank account information and driver’s license number. Experian monitors to see if your personal information is posted online – if it is, that is among the first signs you may be at an escalated risk for financial fraud.
Sign up at the Experian IdentityWorks website using the enrollment code JCZGTC333 and one of the following links:
- Minors (Experian provides internet surveillance and monitoring for up to 10 children under the age of 18, with identity restoration and up to $1 million in identity theft insurance included.)
For help enrolling, call Experian at 866-617-1923 and reference engagement number DB26512.
UCOP also advised the following:
- Monitor your bank accounts regularly for suspect transactions — If you see any, report them to your bank promptly. Also, ask your bank for online monitoring and alerts on your account.
- Watch for suspicious emails, asking you to click on unusual links — The person(s) behind the Accellion attack may send threatening mass emails in an attempt to scare people into giving them money. Do not engage or respond. Delete them immediately and inform the Information Security Office.
- Place a fraud alert on your credit file/credit rating, or consider freezing your credit — Sign up with one of the three major nationwide credit bureaus.
IT Express has set up an automated response to questions about the data breach. Eighty tickets had been generated since Friday, most of them going to the information security team. Questions for UCOP can be directed to email@example.com.
UC Davis employees who are members of the UC Blue & Gold health maintenance organization may be hearing separately about a cyberattack on Health Net of California, which administers the Blue & Gold HMO. Members’ personal information may have been compromised, Health Net said in a letter linking the breach to Accellion. Like UC, Health Net is offering one year of free credit monitoring and identity theft protection. But the question arises: Should UC Davis employees sign up for credit monitoring and protection through UC and Health Net? Dateline contacted UCOP, where a spokesman said, for now, “it won't hurt to do both.” When more information becomes available, it will be posted to this FAQ, he said.