On Friday, Oct. 2, our Information Security unit discovered that an unknown third party conducted a malicious attack overnight that resulted in some user directory information (first name, last name, email address, campus phone number) being obtained. Once we became aware of the incident, we disrupted their access and immediately conducted an internal investigation.
At this time, there is no evidence to suggest the attack exposed any passwords or any other confidential (Level 1) information.
While we have no evidence that user passwords have been compromised, pending the completion of the forensic investigation, IITS is strongly encouraging all faculty, staff and students to change their password by visiting thecampus password reset page.
If you have any questions or concerns, please contact firstname.lastname@example.org.