The CASE building, where some members of the Office of Information Technology are located. (Photo courtesy of the University of Colorado Boulder)
The University of Colorado Boulder was victim to a cyberattack last month, according to an email sent out to CU students and staff, prompting swift action to prevent future security breaches.
“Last month, we detected an incident involving the campus information technology infrastructure,” said Marin Stanek, the university’s chief information officer in the email. “CU Boulder is doing everything it can to protect out university community from these attacks.”
According to a spokesperson for the university, once CU was made aware of the attack, they immediately suspended access to all systems and accounts that were impacted and began an investigation, as the compromised systems were potentially at risk of unauthorized access. The attack was contained and there were “no immediate impacts” to sensitive data or campus IT services.
The university is proceeding with an enterprise-wide password reset “out of an abundance of caution,” the spokesperson said.
The university is also working with law enforcement to investigate source of the attack, as well as Mandiant, a third-party firm that describes itself as the “market leader” in threat intelligence and expertise.
Enhanced security initiatives will be occurring within the upcoming months, but for now, university leadership is asking all students, faculty, and staff to protect their information by changing their passwords to their accounts “immediately”. The community will also be required to change their passwords on “at least an annual basis,” per a CU spokesperson.
“Together, we can better secure and protect our online systems and information,” said Stanek.
Tips on how to reduce your cybersecurity risks can be found here.
Contact CU Independent Staff Writer William Oster at William.Oster@colorado.edu.
