The University of California released a statement on March 31 stating they were impacted by a cyber attack that affected at least 300 organizations including several universities, such as Stanford and the University of Maryland, Baltimore, and many government agencies. This data breach of personal information was due to a vulnerability in Accellion’s system, a third party vendor that handles secure file transfers.
Those behind the attack have published online screenshots of personal information onto a website called Clop, which can range from Social Security numbers to bank account information.
On April 1, UC San Diego released an email to school employees and staff regarding the cyber attack, stating UC employees were victims of the data breach. In the email, they said they were working closely with the UC Office of the President (UCOP) regarding the incident and would communicate with any employees involved in the cyber attack.
A day later, on April 2, UCOP sent an email to the UC community regarding the cyber attack. They recommended signing up for Experian ID, a credit monitoring system that has been offered to the UC community for one free full year of membership. This service is available to students with a Social Security number.
Prior to UCSD’s announcement, many students had already received suspicious emails, mentioning their personal information had been hacked. Seeing as the emails were sent to spam folders, students were able to find out about the breach due to conversations on Reddit.
A third year student, who asked to remain anonymous, received an email on March 30 that threatened to publish their information if they did not click on an external link.
The email included the following text: “The UC has been hacked and is not taking action to resolve the problem. Your information will be published to the darknet.”.
Although UCSD recommended signing up for a credit monitoring program, the student felt unsafe putting more of their information online so they deleted their account.
Alexandra, a second year student who asked to be identified by her first name, received a similarly suspicious email on March 30. The email featured unusual font, grammar mistakes, another external link, and a “sense of aggression from the sender.”
In a statement to the Triton, she explained that she expected the school to have had a better system to handle these situations. “Many students, including myself, know very little about what is actually going on regarding the breach which is concerning since we are the ones affected by it,” Alexandra said.
In the UC’s follow up FAQ email sent on April 5, they answered common questions regarding the cyber attack, including who else could be affected by the data breach.
“Family members who are listed as dependents or beneficiaries on employee or retiree accounts, or who are listed on student paperwork, may be affected,” said UC officials.
Currently, the UC is working with local and federal law enforcement as well as third-party vendors to investigate the incident. They are reviewing security controls as well as implementing additional security measures to prevent future hacking attacks in the future, as they explain in the FAQ. Only after completing their investigation does the UC think they will be able to properly assess the extent of data and individuals impacted.
However, Alexandra remains concerned about the university’s lack of guidance. “Providing credit monitoring is great, but only helpful if the person hasn’t been targeted. No information or assistance has been released on what a student should do if they are a victim of identity theft or another consequence as a result of the breach,” she said. “I’ve made sure to update passwords and secure emails and bank information but at the moment I’m not reassured that the school will assist students if they are targeted directly.”
This is not the first time Accellion has been a victim of hacking. Last March, Wired released an article that revealed Accellion had been experiencing data breaches since December 2020. In response to these breaches, Accellion released a statement in January mentioning they “released a patch within 72 hours to the less than 50 customers affected.” They recommended that their customers update to another firewall platform for “highest level of security and confidence.”
This is also not the first time that UCSD has been a victim of a data breach. In 2018, the University was involved in a cyber attack in which they notified 619 of their patients that their personal information had been leaked by Nuance Communications, a computer software company. It was determined that a former Nuance employee obtained access to the information of 45,000 individuals, including UCSD patients.
In addition to utilizing credit monitoring softwares and the University-provided code, UC President Michael Drake recommends that students change passwords, check their spam for emails, and place fraud alerts on credit accounts.
An identity theft protection workshop hosted by UCSD and UCSD health was held on April 8 at 2 p.m. The workshop was to teach students how to register for credit monitoring, how to use the credit monitoring service, and how to take other steps to protect themselves. The workshop will not address specifics of the data breach incident. Click here for updated FAQs and information..
Any suspicious emails should be sent to abuse@ucsd.edu.
Additional questions regarding the data breach and security can also be sent to communications@ucop.edu.
Vanessa Gaeta is a staff writer for The Triton. You can follow her @_vnsgg.
On November 20, 2024, at 12:00 A.M., the American Federation of State, County and Municipal…
On September 19, UC San Diego announced changes to library services beginning September 23 in…
UC San Diego’s first ‘Professor of Practice’ and former County Supervisor, Nathan Fletcher, has been…
Wednesday, November 6, 1:50 P.M. Update On Nov. 6 at approximately 11:35 A.M., an unidentified…
On July 28, 1:00 p.m. the Palestinian Youth Movement(PYM) organized a rally at the San…
Words matter. Words can reveal hidden depths or conceal them. Words can bring people together…
View Comments
I think the admin of this web site is genuinely working hard in support of his web page, for the reason that here every information is
quality based information.
Hi, Neat post. There is a problem along with your site in web explorer, would
check this? IE still is the market chief and
a huge portion of other people will miss your magnificent
writing due to this problem.
Hi there, I discovered your site by the use of
Google at the same time as looking for a related topic, your website got here
up, it seems to be good. I've bookmarked it in my google bookmarks.[X-N-E-W-L-I-N-S-P-I-N-X]Hello there, simply was aware of your weblog thru Google,
and located that it's truly informative. I'm gonna
be careful for brussels. I'll appreciate for those who continue this in future.
A lot of other people will likely be benefited out of your writing.
Cheers!
Look at my web site - Essential Male Enhancement
Next time I read a blog, Hopefully it does not disappoint
me just as much as this particular one. After
all, Yes, it was my choice to read through, but I really
believed you would have something helpful to say. All I hear
is a bunch of crying about something that you could possibly
Slim Belly Fix Reviews
if you were not too busy looking for attention.
Great work! This is the kind of info that are meant to be shared across the web.
Shame on Google for now not positioning this put up upper!
Come on over and discuss with my site . Thank you =)
Here is my page; ok388 jackpot
Wonderful work! This is the kind of info that are meant to be shared across the internet.
Shame on Google for no longer positioning this submit higher!
Come on over and seek advice from my website . Thanks
=)
Here is my web blog Essential Nutrition Keto Reviews
Regards for this howling post, I am glad I discovered this site on yahoo.
Here is my web site: Essential Nutrition Keto Reviews
Quality content is the crucial to attract the visitors to go
to see the web page, that's what this site
is providing.
Feel free to visit my web blog; download game love138
Please let me know if you're looking for a writer for your blog.
You have some really good articles and I believe I would be a good asset.
If you ever want to take some of the load off, I'd absolutely
love to write some articles for your blog in exchange for a link back to mine.
Please shoot me an email if interested. Regards!
Here is my blog - kiosk 918kiss plus vip
Good write-up, I am normal visitor of one's website, maintain up the excellent operate, and It is going to be a regular visitor for
a long time.
My web-site Body Core Keto