51³Ô¹ÏºÚÁÏ has learned that it, along with other universities, government agencies and private companies throughout the country, was recently subject to a cybersecurity attack. The attack involves the use of Accellion, a vendor used by many organizations for secure file transfer, in which an unauthorized individual appears to have copied and transferred 51³Ô¹ÏºÚÁÏ files by exploiting a vulnerability in Accellion’s file transfer service.
RELATED CONTENT
- (including videos in English and Spanish)
- From 51³Ô¹ÏºÚÁÏ Davis: IT Leaders Address Cybersecurity Attack
- Protecting yourself and 51³Ô¹ÏºÚÁÏ
- 5 rules to protect your online security
Upon learning of the attack, 51³Ô¹ÏºÚÁÏ immediately reported the incident to federal law enforcement, took measures to contain it and began an investigation. At this time, we believe this attack affected only the Accellion system and did not compromise other 51³Ô¹ÏºÚÁÏ systems or networks.
51³Ô¹ÏºÚÁÏ’s investigation includes a review of the files we believe may have been copied and transferred as part of this attack. Upon completion of our review, we should be able to better assess the data and individuals impacted. Once we can identify affected individuals, we will notify them and provide information regarding additional next steps.
We understand those behind this attack have published online screenshots of personal information, and we will notify members of the 51³Ô¹ÏºÚÁÏ community if we believe their data was leaked in this manner.
Watch out for suspicious emails
We believe the person(s) behind this attack are sending threatening mass emails to members of the 51³Ô¹ÏºÚÁÏ community in an attempt to scare people into giving them money. The message states:
“Your personal data has been stolen and will be publishedâ€
By their nature, these kinds of attacks are very broad and somewhat imprecise. Accordingly, some 51³Ô¹ÏºÚÁÏ community members receiving these threatening emails will not have had their data compromised, while other community members with compromised data may not receive any email.
Anyone receiving this message should either forward it to your local information security office or simply delete it. At 51³Ô¹ÏºÚÁÏ Davis, send to cybersecurity@ucdavis.edu.
Protecting yourself and 51³Ô¹ÏºÚÁÏ
We remind all members of the 51³Ô¹ÏºÚÁÏ community to not click on links or open attachments unless you know and trust the sender.
In addition, you may wish to take the following steps to protect your information:
- Place a fraud alert with one of the three nationwide credit bureaus: , or .
- Place a security freeze on your credit report by making a request to the three credit bureaus.
51³Ô¹ÏºÚÁÏ regards the privacy of all its community members with the utmost seriousness. We will update the 51³Ô¹ÏºÚÁÏ community as we are able to disclose additional information.
5 RULES
51³Ô¹ÏºÚÁÏOP has posted . Here is a quick summary:
- Think before you click — Criminals are experts at making phishing emails as convincing as possible.
- Protect your passwords — Your old tricks for setting and storing your passwords may no longer be up to the task.
- Protect your devices — For many of us, our homes are now our offices. Keep your devices as secure at home or on the road as you would in the office.
- Protect your files — Make sure important information is stored securely, in a physically separate location from the originals, and test your backups periodically.
- If it’s suspicious, report it! — Report suspected scams and other suspicious activity to your local information security office. At 51³Ô¹ÏºÚÁÏ Davis, contact cybersecurity@ucdavis.edu.