Notice of recent data breach
University employees and students should be aware of a recent data breach and actions taken by the university to protect your personal and university information.
Earlier this month, several users of the university’s online systems began reporting an inability to access their password-protected Alaska.edu accounts. This issue impacted most services including Blackboard Learn, Google mail and UAOnline.
The UA Office of Information Technology, together with campus-based IT and security teams, initiated an investigation and found that user passwords had been changed by a third party. The hackers had access to personal information through social media and other sources, which allowed them to answer security questions in the UA self-service password reset tool. Since these users had chosen to not provide any custom security questions, the hackers were able to use the tool to change passwords.
To date, 50 current and former employee and student accounts have been compromised throughout the University of Alaska system. Those individuals were notified and their accounts were locked. They were advised to change their passwords and ensure that their UAOnline bank account information had not been altered. In addition, OIT staff collaborated to increase the security in the password reset tool to prevent further compromises.
Hackers may be looking for W-2 information to file fraudulent tax returns. OIT reported one case of a fraudulent filing. There are a number of scams associated with personal tax returns. The IRS reports that scams are particularly active this year, and has provided information about the current activities at https://www.irs.gov/newsroom/tax-scams-consumer-alerts.
What is the university doing now?
- UA IT staff is changing the self-service tool to require all UA users to provide custom security questions.
- The IP addresses used to conduct the attack have been blocked and the FBI and U.S. Department of Education have been notified.
- OIT is reviewing password change logs for additional suspicious activity, and is determining whether any student financial aid data was accessed.
- Those who were affected will be offered reimbursement insurance coverage in the event their data is fraudulently used and they suffer a loss. The university is working directly with affected employees to offer any assistance should they need it.
What can I do?
- Go to your campus self-service password reset tool at https://elmo.alaska.edu, login with your UA username/password and set a higher level of security by selecting “Security Settings” under your name.
- Visit http://www.alaska.edu/oit/securityawareness/ for security information and best practices.
- Periodically check your personal information in UAOnline to make sure it’s accurate and hasn’t been changed without your knowledge.
- Use strong passwords and don’t share them with others or store them in unsecure locations.
- Make sure you log out of your UAOnline account when you are done.
- Click “no” if your web browser asks you if you want it to remember your UAOnline password.
- If you notice irregularities or changes to your personal information, please contact Kathleen Boyle, Chief Security Officer, Office of Information Technology, University of Alaska at (907) 474-7404 or firstname.lastname@example.org.