University of Virginia employee data hackedReprints
Financial data on about 1,400 University of Virginia employees has been obtained by hackers as a result of a phishing email scam, the university said.
The Charlottesville-based university said last Friday that it was recently informed by the Federal Bureau of Investigation that hackers obtained W-2s for about 1,400 employees for years 2013 and 2014, as well as the direct deposit banking information of about 40 employees. Overseas suspects involved in the incident are now in custody, according to the university.
The university said in a statement issued Jan. 22 that emails were sent asking recipients to click on a link and provide user names and passwords. Once that happened, the perpetrators were able to gain access to the university's human resources system.
The information was accessed between early November 2014 and February 2015, the university said.
“The University regrets that the personal information of these employees was accessed and has already taken steps to fortify its systems to prevent this from occurring in the future,” Executive Vice President and Chief Operating Officer Patrick D. Hogan said in the statement. “The security of personal information and data is a top priority of the University, and our IT professionals will continue to remain vigilant and work to further enhance our IT security infrastructure and systems.”
An FBI spokesman had no comment.