Quick Summary
- Office of the President is investigating to determine the scope of the attack
- UCOP will reach out directly to any °ÄÃÅÁùºÏ²Ê¿ª½±½á¹û×ßÊÆͼ affiliates affected by this incident
- Report suspicious email without clicking on any links or replying to the sender
A letter sent by email today (March 31), from Viji Murali, vice provost, Information and Educational Technology, and chief information officer; and Cheryl Washington, chief information security officer.
To Our Campus Community:
The °ÄÃÅÁùºÏ²Ê¿ª½±½á¹û×ßÊÆͼ Information Security Office is working with UCOP in response to a security incident involving UC employee information.
Beginning Monday, March 29, many °ÄÃÅÁùºÏ²Ê¿ª½±½á¹û×ßÊÆͼ email accounts started receiving messages stating that their personal data had been stolen and would be released. We learned from our colleagues that similar messages were being received in email accounts for multiple campuses throughout the UC system.
RELATED CONTENT
- (including videos in English and Spanish)
- From UCOP: UC Among Targets in Nationwide Cyberattack
- Protecting yourself and UC
- 5 rules to protect your online security
The Information Security Office investigated and found that these emails contained a link to a public website where a sample of personal data from UC employees was posted. Working with the IET uConnect email team, we took steps to block these messages from being received by °ÄÃÅÁùºÏ²Ê¿ª½±½á¹û×ßÊÆͼ email accounts.
We have subsequently learned that some personal UC employee data was obtained through a cyberattack on a UCOP system, and this was the source for the information released. The security team at UCOP, working with law enforcement, is investigating the matter and has released a statement that you can read on the Dateline news site.
UCOP is working to determine the scope, and will reach out directly to any members of the °ÄÃÅÁùºÏ²Ê¿ª½±½á¹û×ßÊÆͼ community affected by this incident. In the meantime, if you receive any suspicious email, please report it to cybersecurity@ucdavis.edu without clicking on any links or replying to the sender.
This is also a good time to review cybersecurity tips. The UC Cyber Security Awareness Fundamentals course includes some great content on these types of issues; please log onto the to view the course if you have not already done so.
Always be suspicious of any email asking for personal or user account information. °ÄÃÅÁùºÏ²Ê¿ª½±½á¹û×ßÊÆͼ will never ask you for such information via email. If you have questions or concerns, please contact cybersecurity@ucdavis.edu.
Thank you for your attention to this matter.
Viji Murali
Vice Provost, Information and Educational Technology
and Chief Information Officer
Cheryl Washington
Chief Information Security Officer
Media Resources
Dateline Staff: Dave Jones, editor, 530-752-6556, dateline@ucdavis.edu; Cody Kitaura, News and Media Relations specialist, 530-752-1932, kitaura@ucdavis.edu.