Notifications

FAQs About the Data Security Incident Affecting the University of California Community (4/7/2021)
Urgent: Accellion cyber attack and what UC employees should do to protect themselves (4/2/2021)
Urgent: Beware of phishing emails (3/30/21)

FAQs About the Data Security Incident Affecting the UC Community

April 7, 2021

Last week we shared information on the data security incident affecting the University of California community, which was the result of a nationwide cyber attack. The Office of the President has now published Frequently Asked Questions in English and Spanish that will help provide additional information.

Please read these FAQS about the Accellion data breach. This is a very serious incident and we encourage you to be proactive in protecting yourself using the resources and information that have been made available by the Office of the President.

The University of California community will continue to be updated as more information is learned and able to be shared. In the meantime, if you have questions related to this incident, please contact communications@ucop.edu.

----------------------------------------------

Urgent: Accellion cyber attack and what UC employees should do to protect themselves

April 2, 2021

The following message is from UCOP.

TO THE UNIVERSITY OF CALIFORNIA COMMUNITY

We are writing to provide you additional information about a data security incident affecting the UC community and what you should do to protect your personal information.

As was announced on March 30, UC is one of several institutions targeted by a nationwide cyber attack on Accellion’s File Transfer Appliance (FTA), a vendor service used for transferring sensitive information. This attack has affected approximately 300 organizations, including universities, government institutions and private companies. In this incident, the perpetrators gained access to files and confidential personal information by exploiting a vulnerability in Accellion’s program.

At this time, we believe the stolen information includes but is not limited to names, birth dates, Social Security numbers and bank account information. The attackers are threatening to publish, or have published, stolen information on the dark web in an attempt to extort organizations and individuals.

We are working with local and federal law enforcement and third-party vendors to investigate this incident, to assess the information that has been compromised, to enforce the law, and to limit the release of stolen information.

We are alerting you now so you are able to take protective actions as we work to address the situation.

What you should do to protect your personal and financial information:

Sign up for free credit monitoring and identity theft protection: To help you protect your identity, we are offering the entire UC community complimentary credit monitoring and identity theft protection for one year through Experian IdentityWorks^SM. This service includes:

Credit monitoring: Actively monitors your Experian file for indicators of fraud.
Internet surveillance: Technology searches the web, chat rooms & bulletin boards 24/7 to identify trading or selling of your personal information on the dark web.
Identity restoration: Identity restoration specialists are immediately available to help you address credit and non-credit related fraud.
Experian IdentityWorks ExtendCARETM: You receive the same high-level of identity restoration support even after your Experian IdentityWorks membership has expired.
$1 Million Identity Theft Insurance: Provides coverage for certain costs and unauthorized electronic fund transfers.
Lost wallet: Provides assistance with canceling/replacing lost or stolen credit, debit, and medical cards.
Child monitoring: For 10 children up to 18 years old, internet surveillance and monitoring to determine whether enrolled minors in your household have an Experian credit report are available. Also included are identity restoration and up to $1M Identity Theft Insurance.

You should have received an enrollment code and engagement number if the official email sent by UC ANR. If not, contact us directly at help@ucanr.edu.

For adults, visit experianidworks.com/RR3Bplus
For minors, visit experianidworks.com/minorplus

For help with enrolling, you may call (866) 617-1923

Monitor and set up alerts for bank account(s): Monitor your bank account(s) for suspicious transactions and report any to your bank. Ask the bank for online monitoring and alerts on your account. This will give you early warning of any fraudulent transactions.

Watch out for suspicious emails: We believe the person(s) behind the Accellion ATF attack may send threatening mass emails in an attempt to scare people into giving them money. Anyone receiving such an email should either forward it to your local information security office or simply delete it. Please do not engage or respond.

Place a fraud alert on your credit file: We recommend you place a fraud alert on your credit file by contacting one of the three nationwide credit bureaus listed below. If a fraud alert is placed on a consumer’s credit file, certain identity verification steps must be taken prior to extending new credit.

Important reminders about protecting yourself: These incidents are reminders of the importance of doing everything possible to protect your online information. Here are five rules for protecting your information. In addition, you may wish to take additional identity theft measures described at https://www.identitytheft.gov/databreach

We regard the privacy of all of our community members with the utmost seriousness. We will keep the UC community updated as we learn more and are able to share additional information.

----------------------------------------------------------------------------

Urgent: Beware of phishing emails

March 30, 2021

Phishing attacks are on the rise and ANR and universities in general are soft targets for cyber-criminals due to the very nature of the services we provide to communities.

Please be aware that an email message such as the one below has been making the rounds at some University of California (UC) campuses. Also, a very insidious ransomware attack, the Clop ransomware, is impacting several UC-wide locations. We strongly advise that you do not click on links in messages such this or any other message that comes from an Email ID unknown to you.

Example of a suspicious email

Good day!
If you received this letter, you are a customer, student, partner or employee of University of California.
The company has been hacked, data has been stolen and will soon be released as the company refuses to protect its peoples' data.
We inform you that information about you will be published on the darknet if the university does not contact us.
Call or write to this store and ask to protect your privacy!!!!

General information about phishing

Phishing is what we call cyber hacker attempts to trick you into providing sensitive information about yourself to someone who is pretending to be a trusted or reliable connection via email. You have probably seen this kind of thing before. You might have noticed something wrong about a spoof email and knew not to click on a link or open an attachment, and maybe you have even been fooled by a clever phishing attack.

Who are these scammers? Usually they work in organized crime, sharing vast amounts of information and research on individual patterns of behavior. They get to know you well enough from your shared online activities to deliver a message that is crafted to look realistic to you.

UC guidelines on cyber awareness related to phishing

https://security.ucop.edu/resources/security-awareness/phishing-2018.html

Please forward any suspicious email to help@ucanr.edu for further investigation.