IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Data Breach Exposes Users in UC and Stanford Networks

Stanford University and the University of California are among those warning users that their personal information may have leaked online after the security breach of a file-sharing system from the IT company Accellion.

The Hoover Tower at Stanford University in Palo Alto Calif.
The Hoover Tower at Stanford University in Palo Alto Calif.
(TNS) — Stanford University and the University of California are warning users of their computer systems to take extra caution following a nationwide cyberattack that affects its computer systems.
The two universities acknowledged their systems were part of the widespread security breach involving the Accellion file sharing system, in which an unknown number of university users' files were compromised, subjecting them to possible demands for money to prevent the files' contents from being revealed or destroyed.
Stanford said its medical school had been targeted and that it was working with a cyber forensics firm to determine whose personal data has been stolen. A statement from the school's dean of medicine and CFO said identity theft protection services would be offered to employees and others.
"All individuals should remain vigilant and promptly report and suspicious activity or suspected identity theft," the statement said.
UC said the cyber attackers have "published online screenshots of personal information" in an attempt to "scare people into giving them money." The university system said that once it learned of the cybersecurity attack, it reported it to federal law enforcement and began an internal investigation.
"At this time, we believe this attack affected only the Accellion system and did not compromise other UC systems or networks," UC said in a statement.
According to the statement, some computer users were sent a message that says: "Your personal data has been stolen and will be published."
The university called the threats "broad and somewhat imprecise" and said some users who received them will not have had their data compromised. It advised users who received the threat to either forward it to campus computer security officials or delete it. It urged computer users not to click on links or open attachments from anyone but trusted sources.
UC said it had not yet completed its review of the attack and suggested that users consider placing free fraud alerts and security freezes with the Equifax, TransUnion and Experian credit bureaus.
The Accellion system was attacked over the winter by suspects exploiting a flaw in its software. Among the other colleges reportedly affected are the universities of Maryland, Colorado and Miami, and Yeshiva University in New York. Government agencies and private companies were also targeted.

©2021 the San Francisco Chronicle. Distributed by Tribune Content Agency, LLC.