Massive security breach at US universities.
US universities have been affected by a major data breach.
A massive data breach has hit US Universities including Stanford University, University of California, University of Miami, University of Colorado Boulder, Yeshiva University, Syracuse University, and University of Maryland, Baltimore. Hackers have stolen terabytes of student, prospective student, and employee personal information including transcripts, financial info, mailing addresses, phone numbers, usernames, passwords and Social Security Numbers. These breaches are part of the larger Accellion FTA leak which has affected ~50 organizations. Students who applied to these colleges (or even have an account in the case of UC) are at risk of having their personal and financial information leaked publicly online including their Social Security Numbers. The hackers have sent emails to some victims. If you receive one of these emails, do not click the attached link unless you understand how to use Tor. The hackers are holding the universities at ransom. Unless the universities pay the ransom, the hackers will continue publishing student information.
Steps to take if you have been affected
1a. Change all of your passwords
While passwords are usually stored as hashes, it is still important to change your passwords after a data breach because poor security practices can allow for your password to be decoded using a Rainbow table.
1b. Enable Two Factor Authentication
If you want to stay super-safe, you can enable two factor authentication on your accounts. Two factor authentication secures your account by requiring a second form of authentication. For example, a phone app that generates a temporary security code that resets every 30 seconds or a smart card.
2. Check your bank statements
Check your bank statements to make sure that no unauthorized payments have been made. If you believe your card number has been exposed, ask your bank for a new card number.
3a. Check your credit report
3b. Freeze your credit
To prevent identity fraud, you can freeze your credit. Freezing your credit prevents anyone from opening new credit (e.g. a credit card) in your name. You must freeze your credit with all three credit bureaus. Freezing your credit on one will not freeze your credit on the other two.
Responses from universities are in bold.
- ACCELLION: Mandiant validates full remediation of all known security vulnerabilities in the FTA product
- CAMPUS LIFE SECURITY: Data Breach at Syracuse University Leaves Almost 10,000 Names, SSNs Exposed
- BLEEPING COMPUTER: Ransomware gang leaks data stolen from Colorado, Miami universities
- UNIVERSITY OF COLORADO: About the Accellion Cyberattack
- ZDNET: Ransomware group targets universities in Maryland, California in new data leaks
- FTC: Identity Theft Recovery Steps
- UCNET: UC part of nationwide cyber attack
- UCNET: Five rules for protecting your security online
- UC BERKELEY: UC Email Security Incident... [JPG 359K]
- UCLA: Further Update [TXT 1389B]
- Full list of breached organizations [PNG 37.4K]
- UC DAVIS: UC Among Targets in Nationwide Cyberattack
- DATABREACHES.NET: Accellion’s data breach left clients in tough position: pay extortion to criminals, or have their data dumped (with updates)
- DATABREACHES.NET: Threat actors leak files with protected health information from U. Miami
- HACKREAD: Cl0p ransomware gang leaks sensitive data from 6 US universites
- DAILY BRUIN: Nationwide cyberattack targets personal information of some in UC community
- DAILYCAL: Nationwide cybersecurity attack compromises UC employee data
- MIAMI HERALD: Hackers hit University of Miami, posted patients’ private info. School won’t discuss details
- SECURITY: Clop ransomware gang breaches University of Colorado and University of Miami
- Ransom E-Mail [TXT 451B]
- RANSOMWATCH: View extorters websites without compromising your or anyone else's data.
- STANFORD DAILY: Hackers leak SSNs and student data in massive data breach
- BALTIMORE SUN: University of Maryland, Baltimore says private data was published online following ransomware attack
- SFBJ: University of Miami investigates data breach
- EDSCOOP: UC Davis joins victims of Accellion file-sharing breach
- DAILY SWIG: UC Berkeley confirms data breach, becomes latest victim of Accellion cyber-attack
- COMMENTATOR: Hackers Steal YU Students’ and Employees’ Personal Information in Accellion Security Breach
- CYBERWIRE: COVID-19 phishing might be Goblin Panda. Ubiquiti confirms extortion attempt. More universities hit by Accellion compromise.
- ENTERPRISE: UC Davis hit by cyberattack
- WIRED: The Accellion Breach Keeps Getting Worse—and More Expensive
- AP: University of California victim of nationwide hack attack
- R/BERKELEY: Oof
- R/UCI: UC DataUniversity of Maryland, Baltimore says private data was published online following ransomware attack Breach
- R/UCLA: UC Data Breach
- R/UCR: UC Data Breach
- R/STANFORD: Massive Security Breach at US Universities
- HACKERNEWS: Security Breach at US Universities
- Extorters change email providers after ISP crackdown, only update some of email addresses on their site.
- No new downloads posted.
- Hackers post 1.3 GB of UC data and 10 GB of Stanford data.
- Hackers appear to be posting one new download link per day.
- Hackers post first 1.3 GB UC and Stanford data dump on their website.
- University of California releases a statement.
- UC Davis releases a statement.
- E-mails sent out to victims.
- Hackers created page for UC and Stanford.