SOMEONE HACKED THE EMAIL SYSTEM
The University of Alaska is notifying potentially affected students and others after an investigation into a data privacy incident revealed unauthorized access to some UA email accounts.
The breach took place over a year ago, but it wasn’t until Friday at 11 pm that the university made public the breach through third-party news release services such as PRWire.com.
The press release does not indicate how many people are believed to be impacted. The university has no notification on its own website about the breach.
The university says it is notifying individuals whose records were or may have been in the email accounts at the time of the hack attack and is providing credit resources that can be used to help protect against misuse of information.
The problem dates to February 2018, when the university officials began receiving reports from people having problems accessing their university email accounts.
The university took steps to disable unauthorized access and started an investigation. The school worked with a third-party expert to determine the impact of the breach.
That investigation determined that certain users UAOnline account passwords were changed by an unauthorized third party. UA notified all of those whose accounts were affected and upgraded security protocols for password changes.
The information that may have been present in the affected email accounts varies by individual.
That information may include an individual’s name, government issued identification number, date of birth, digital signature, driver’s license number, usernames and/or passwords, financial account numbers, health and/or health insurance information, passport number, and UA student identification number. For certain individuals, Social Security number may also have been present in the affected email accounts.
UA is notifying potentially affected individuals of this incident, providing them with access to credit monitoring, and providing information and access to resources they may use to better protect against potential misuse of personal information, should they feel it appropriate to do so.
To assist individuals who may have further questions about this incident, UA established a toll-free hotline: 866-783-5580, operational weekdays, 5 am – 6 pm. Additional information may also be found at https://www.alaska.edu/news/it/dataincident.php. The University will not contact people by phone to request any personal information.