University of Virginia announces breach, says attack came from China
The University took down its IT systems on Friday as part of a comprehensive security upgrade that was completed on Sunday.
The University of Virginia announced Friday that attackers originating from China illegally accessed portions of its information technology systems, but that no personal information appears to have been affected.
Despite an investigation – aided by Mandiant – indicating that banking information and health data and Social Security numbers are secure, the university took down its IT systems on Friday as part of a comprehensive security upgrade that was completed on Sunday.
Now, all users are being required to change their Eservices login passwords, which are used for a variety of purposes such as gaining access to email and calendar services, classroom and library computers, and network printing.
“Federal authorities had alerted the University of a possible cyber attack, and this was confirmed by the University on June 11,” an FAQ published Sunday said, adding, “It was important that the hackers remain unaware of our action to investigate this event and protect against it. If the University had not taken this course of action, the situation could have worsened.”
Citing officials with the University of Virginia, The Daily Progress reported that the attack targeted email accounts belonging to two employees whose work is connected to China, and that the two staffers are still employed.
A University of Virginia spokesperson did not return a Monday SCMagazine.com email request for comment, and a Mandiant spokesperson told SCMagazine.com on Monday that the security firm could not comment on the active investigation.
The incident is simply the latest in a line of attacks against educational institutions, several of which have been reported as originating in China.
In late July, the University of Connecticut announced that access was gained to servers at its School of Engineering; and in May, Penn State University announced that attackers were identified on its College of Engineering network and may have compromised the personal information of 18,500 individuals.