Quick Summary
- Office of the President is investigating to determine the scope of the attack
- UCOP will reach out directly to any UC Davis affiliates affected by this incident
- Report suspicious email without clicking on any links or replying to the sender
A letter sent by email today (March 31), from Viji Murali, vice provost, Information and Educational Technology, and chief information officer; and Cheryl Washington, chief information security officer.
To Our Campus Community:
The UC Davis Information Security Office is working with UCOP in response to a security incident involving UC employee information.
Beginning Monday, March 29, many UC Davis email accounts started receiving messages stating that their personal data had been stolen and would be released. We learned from our colleagues that similar messages were being received in email accounts for multiple campuses throughout the UC system.
RELATED CONTENT
- UCOP microsite: Protecting Your Information (including videos in English and Spanish)
- FAQs (updated April 27)
- From UCOP: UC Among Targets in Nationwide Cyberattack
- Protecting yourself and UC
- 5 rules to protect your online security
The Information Security Office investigated and found that these emails contained a link to a public website where a sample of personal data from UC employees was posted. Working with the IET uConnect email team, we took steps to block these messages from being received by UC Davis email accounts.
We have subsequently learned that some personal UC employee data was obtained through a cyberattack on a UCOP system, and this was the source for the information released. The security team at UCOP, working with law enforcement, is investigating the matter and has released a statement that you can read on the Dateline news site.
UCOP is working to determine the scope, and will reach out directly to any members of the UC Davis community affected by this incident. In the meantime, if you receive any suspicious email, please report it to cybersecurity@ucdavis.edu without clicking on any links or replying to the sender.
This is also a good time to review cybersecurity tips. The UC Cyber Security Awareness Fundamentals course includes some great content on these types of issues; please log onto the UC Learning Center to view the course if you have not already done so.
Always be suspicious of any email asking for personal or user account information. UC Davis will never ask you for such information via email. If you have questions or concerns, please contact cybersecurity@ucdavis.edu.
Thank you for your attention to this matter.
Viji Murali
Vice Provost, Information and Educational Technology
and Chief Information Officer
Cheryl Washington
Chief Information Security Officer
Media Resources
Dateline Staff: Dave Jones, editor, 530-752-6556, dateline@ucdavis.edu; Cody Kitaura, News and Media Relations specialist, 530-752-1932, kitaura@ucdavis.edu.