Stanford University and the University of California are warning users of their computer systems to take extra caution following a nationwide cyberattack that affects its computer systems.
The two universities acknowledged that their systems were part of the widespread security breach involving the Accellion file sharing system, in which an unknown number of university users’ files were compromised, subjecting them to possible demands for money to prevent the files’ contents from being revealed or destroyed.
Stanford said its medical school had been targeted and that it was working with a cyber forensics firm to determine whose personal data has been stolen. A statement from the school’s dean of medicine and chief financial officer said identity theft protection services would be offered to employees and others.
“All individuals should remain vigilant and promptly report any suspicious activity or suspected identity theft,” the statement said.
UC said the cyber attackers “published online screenshots of personal information” in an attempt to “scare people into giving them money.” The university system said that once it learned of the cybersecurity attack, it reported it to federal law enforcement and began an internal investigation.
“At this time, we believe this attack affected only the Accellion system and did not compromise other UC systems or networks,” UC said in a statement.
According to the statement, some computer users were sent a message that says: “Your personal data has been stolen and will be published.”
The university called the threats “broad and somewhat imprecise” and said some users who received them will not have had their data compromised. It advised users who received the threat to either forward it to campus computer security officials or delete it. It urged computer users not to click on links or open attachments from anyone but trusted sources.
UC said it had not yet completed its review of the attack and suggested that users consider placing free fraud alerts and security freezes with the Equifax, TransUnion and Experian credit bureaus.
The Accellion system was attacked over the winter by suspects exploiting a flaw in its software. Among the other colleges reportedly affected are the universities of Maryland, Colorado and Miami, and Yeshiva University in New York. Government agencies and private companies were also targeted.
(c)2021 The San Francisco Chronicle. Distributed by Tribune Content Agency, LLC.