Data Breach at the University of Virginia Exposes 1,400 Personnel Records

Data Breach at the University of Virginia Exposes 1,400 Personnel Records

January 27, 2016         Written By Lynn Oldshue

Late last week, the University of Virginia notified its employees that their personally identifiable information (PII) had been accessed by an unauthorized third party.

The breach occurred due to a phishing scam where cyber criminals sent emails asking recipients to click a link and enter their UVA usernames and passwords. Once inside the system, the perpetrators were able to access the 2013 and 2014 W-2s of approximately 1,400 (of the University’s 20,000) employees. In addition to W-2s, the direct deposit banking information of 40 employees was accessed.

Featured Fair Credit Card
Top Features :All credit types welcome to apply!

According to the UVA announcement, the hackers first accessed the system in November 2014, and the last suspected intrusion took place in February 2015.

Last spring, a number of UVA employees had reported tax fraud. At the time, the University did not believe this fraud resulted from a breach of its databases. However, the recent FBI investigation indicates that some of these fraud attempts may have resulted from this attack.

After an investigation, the FBI has the “overseas” suspects in custody.

UVA faced a cyberattack originating from China in June, but they said the two incidents were unrelated. This previous attack targeted the school’s IT system.

The information contained within this article was accurate as of January 27, 2016. For up-to-date
information on any of the terms, cards or offers mentioned above, visit the issuer's website.


About Lynn Oldshue

Lynn Oldshue has written personal finance stories for for twelve years. She majored in public relations at Mississippi State University.
View all posts by Lynn Oldshue