Something is (still) missing Saturday, March 12, 2022
A program - hosted by UC - was held on the subject of cybersecurity recently. See below. Worrying about cybersecurity makes sense, given the current war in Ukraine. However, one thing seems to have been missing: any discussion of the Accellion breach last year, at least in the report. There is still no word on a subject of interest to the many folks in the UC community whose data were stolen: Will the one year of free Experian "dark web" monitoring UC provided to victims be renewed? We raised that issue on this blog two months ago.* No word on that issue. There is also no word on whether a ransom was paid or whether any monetary recovery from the company responsible for the breach has occurred. The latest word from UCOP is dated July 1, 2021: https://ucnet.universityofcalifornia.edu/data-security/updates-faq/index.html If you type "Accellion" into the UCOP search option, you get a notice that says:
Secure Attachment File Encryption (SAFE) As of August 18, 2021, UCOP has discontinued the use of SAFE (Kiteworks). We now use GoAnywhere for our secure messaging and secure file transfer system. https://www.ucop.edu/information-technology-services/services/ucop-itservices/accounts-e-mail-and-calendar/safe.html Presumably, although there is no explicit reference to Accellion, this notice pops up because the file transfer system was the source of the breach. On the cybersecurity program: 'Everyone' must prepare for university cyberattacks, says FBI agent
UCLA Faculty Association Blog: First Quarter 2022
227
