University of Virginia Foiled By Phishing Attack, Data Breach Engulfs 1,400 Employees

Computer hackers accessed personally identifiable information and financial details belonging to around 1,400 University of Virginia workers as part of an email phishing scam, the University announced. An internal investigation determined that the culprits first accessed the stolen records in early November 2014 and continued to pluck private data up through early February 2015.

The phishing emails were successful in tricking an untold number of recipients with access to the University's Human Resources system into coughing up their usernames and passwords. Once the hackers had the necessary login details, they were able to access W-2 forms of around 1,400 of the University's more than 20,000 employees, plus direct deposit banking information of 40 workers.

"In collaboration with the FBI, the University confirmed that unauthorized individuals illegally accessed a component of our human resources system, exposing personally identifiable information of a subset of Academic Division employees. The exposure does not include UVA Medical Center information as it is on a separate system," the university stated in an FAQ page about the incident.

At least some of the stolen information seems to have been used for tax fraud, though the full extent of how it was used isn't yet clear. As for why the university waited until now to disclose a security breach that took place in late 2014 and early 2015, officials simply stated that "affected employees were notified as soon as it was practical, consistent with the FBI investigation."

"The University regrets that the personal information of these employees was accessed and has already taken steps to fortify its systems to prevent this from occurring in the future," Patrick Hogan, the University’s executive vice president and chief operations officer, said in a statement.

This isn't the first time the University of Virginia has been targeted by hackers. Back in June, a more sophisticated cyber attack originating from China affected portions of the University's IT systems. The FAQ page states that the two incidents are unrelated to each other.