In late January, Accellion, a third-party vendor used by the University of Colorado to transfer large files, was the victim of an international cyberattack that compromised certain CU data files available on the Accellion system. The CU System immediately notified the CU community, contacted the authorities, and launched an electronic forensic analysis that has now concluded.
The forensic analysis, completed by CU’s Office of Information Security, revealed that more than 310,000 unique records with varying levels of personal identifiable information were potentially compromised.
Students, faculty, staff, and affiliates whose data was involved will receive letters and/or emails this week alerting them to precisely what information of theirs was involved and what actions to take to protect themselves, including activating complimentary monitoring services. If you were impacted and have additional questions or concerns, or need assistance activating the identity monitoring services offered, visit the central webpage, contact 1-855-484-1109 (starting April 14) or email University-of-Colorado-Support@kroll.com.
As in many international cyberattacks, the perpetrators may attempt to contact those whose data was compromised. If you are contacted by the hackers, CU asks you to simply not respond, delete the message and, instead, utilize the resources provided to you.
For up-to-date information regarding Accellion’s incident, visit https://www.cu.edu/accellion-cyberattack.