University of California (UC) confirms that the personal information was thieved this week in a cyberattack including the Accellion File Transfer Appliance (FTA) services.
This incident, took place in the late December 2020, after a censorious vulnerability was found in the decades-old file sharing service, influenced tens of companies,universities and government agencies.
University of California at first confirmed the impact from the incident that occurred in early days of the April, soon after the operators of Clop ransomware, which mobilized the attack on Accellion’s service, which published on their Tor-based leaks website info supposedly was stolen from the university and the other entities also.
The university confirmed this week that the attackers were certainly able to access a great deal of personal info appropriating to it’s “employees (current and former) and their dependents, retired people and beneficiaries, and current students, as well as other individual people who have participated in University of California programs.”
The information which was subjected to theft may include names and the addresses, Social Security numbers, phone numbers, driver’s license and passport information, financial data (which also includes bank routing and account numbers), birthdates, health and related benefiting details, disability information, and other important data.
The university of california , which also confirmed that some of the information which was stolen was posted online, says it is associating with the FBI on investigating upon the incident.
In addition, while it is getting notifying it’s affected individuals, the university of california is working to recognize the members of the community whose personal info was influenced and their contact info and says it anticipate for the affected people to get a notification within the next 45 to 60 days of the attack.
They are also notifying the individuals separately who are going to apply or completed the applications for the school year 2021-22 whose contact information (name, e-mail address and phone number) was influenced. Their notification will contain information relevant to those individuals, the university of california notes.
The data breach affected the Accellion FTA only, there are no other systems affected. The university says it has already deactivated the file sharing service, that it is changing to a more secure solution, and that it is taking initiative and measures to improve the overall security levelsof its network.