The rival schools have a new common enemy — the cybercriminals sending their students and faculty emails reading “Your personal data has been stolen and will be published."
It was way back on February 1 of this year when a file sharing software product called Accellion announced a “security incident,” but insisted at the time it had “all known vulnerabilities closed.” A little over a month later, Wired more accurately identified it as a major data breach that had “snowballed into a global extortion spree,” now nailing big names like the grocery chain Kroger, the law firm Jones Day (yes, them), and the University of Colorado.
Now two months later, the number universities affected is growing and growing. KPIX reports that University of California staff and students had their information breached, and the site Government Technology adds that Stanford students’ data was compromised too.
According to Government Technology, these schools’ students and faculty are receiving messages saying "Your personal data has been stolen and will be published" unless some manner of ransom is paid. Inside Higher Ed notes that it may only be Stanford’s medical school, not the entire university, that was breached. But that site also hunted down the actual records that were breached and notes that “A sample of documents reviewed by Inside Higher Ed included academic transcripts, medical records, research grants and employment contracts.”
As with many extortion hacks, the criminals are likely bluffing that they have more data than they actually actually do. According to an official statement from the University of California, “some UC community members receiving these threatening emails will not have had their data compromised.”
The school encourages anyone who receives the threatening email to not engage, and to just delete it, and to follow guidance provided at IdentityTheft.gov.
UC is also offering a number of free credit monitoring and identity theft protection services and insurance. They have free user codes for these normally paid services provided by Experian IdentityWorks.
This is, however, the same Experian that had 24 million of its own customers breached this past August.