What happened?

Increasingly sophisticated attackers are defeating security measures of the highest order in businesses, government, and institutions of higher education. The University of Virginia has confirmed that attackers originating in China illegally accessed portions of the University’s information technology systems. Federal authorities had alerted the University of a possible cyber attack, and this was confirmed by the University on June 11. Upon becoming aware of the attack, the University engaged Mandiant, an internationally recognized cybersecurity firm, to immediately help the University identify the nature of the attack and take corrective action. This action included enhanced security measures to further fortify University data and systems.

Was data or information accessed during the cyber attack?

The University’s forensic examination has indicated that no personally identifiable information — such as Social Security numbers and banking information — or personal health information was accessed by the attackers.

What is the University doing to address this matter and to help prevent future attacks?

The University is in the process of upgrading security systems to further strengthen the security of data and information stored on University resources and to help prevent future cyber attacks.

The system security upgrade will begin at 5:00 p.m. ET on Friday, Aug. 14. The upgrade is anticipated to be completed by the evening of Sunday, Aug. 16. During this period of time, access to many University systems, including University email accounts, will not be possible.

AUG. 16 UPDATE: U.Va. Completes Upgrades to IT Systems After Cyber Attack 

The University is also requiring all users to change their U.Va. Eservices login passwords after the system security upgrade is complete. (Please see “How do I change my password” for more details).

Why is the wider U.Va. community now learning of this?

In order to best protect against future attacks and in keeping with cybersecurity best practices, we notified the community as soon as we were confident that notification would not jeopardize our efforts to secure systems. It was important that the hackers remain unaware of our action to investigate this event and protect against it. If the University had not taken this course of action, the situation could have worsened.

During the system security upgrade, how will the University community be notified of emergency situations?

The University employs a range of technological solutions to assist it in alerting the community to emergency situations as quickly as possible. Emergency alerts are reserved for critical incidents that pose an imminent threat to the health and safety of the University community.

During the system upgrade, access to many University systems and email will not be available. Emergency notifications during the system upgrade will be conveyed via the following channels:

• Fire alarm - indicates the need to evacuate the building immediately.
• Siren - indicates that there is an imminent threat to the University community. If you are outside and hear the siren and audible announcement, follow the announced instructions. If the audible announcement cannot be understood, immediately check your cell phone for a U.Va. Alert message or go to U.Va.'s Emergency Homepage (uvaemergency.virginia.edu) for information on the emergency. For those without access to electronic communication devices, follow your department’s emergency protocols.
• U.Va. Alerts - notifies registered users via text message.
• Public address system announcements - announces emergency information in locations where public address systems are available.
• Official University of Virginia social media channels

How will students be impacted by this system upgrade?

Students will not be able to access University email accounts, SIS, UVa Collab or other affected systems during the system upgrade.

The “Just Report It” online system will not be available during the upgrade. Complaints normally submitted via the “Just Report It” online system should be reported to the University Police Department (434-924-7166) or to CAPS (434-972-7004).

Will www.virginia.edu and related websites be unavailable during the system update?

Many University websites will not be available during the system update. The University’s homepage, www.virginia.edu, will have limited functionality while offering updated information regarding the status of the system security upgrade.

The U.Va. Health System and U.Va. Athletics websites will not be affected and will be available to access.