Data Breach of Virginia University! United States!

Hackers target the database of Virginia University. University is admitting it and saying that the confidential information of university employees is at risk now. Hackers targeted the network of HR (Human Resource) department, therefore personal information of approximately 1400 Academic Division Employees is at risk. FBI is investigating this case and the incharge of this investigation has said that the identities of criminals is still unknown but they will be arrested by our officers very soon.

According to security fields and Law enforcement the main reason behind this breach was a phishing attack. A well coded malicious email was sent by attackers as institution head to its employees. In that email they ask the employees to give their personal information as their accounts need to be more secure. The employees provide their personal credentials to the attackers.

The systems of HR Department were in the control of hackers and they were sending emails by pretending themselves head of HR Department, that’s why employees of Virginia University are saying that they were asked to put their Usernames and Passwords.

1400 employees of Virginia University are the victim of this trap, because they have fill their username and password on the pop-up send by the hackers. Unfortunately banking information of 40 employees is also included in it. University is not clear about Medical Center information (UVA) breaching because it was available on another system which was not connected to the network of HR Department.

University admitted that these credentials were stolen by the hackers in November 2014. In February 2015, employees noticed changes and intrusion in their personal accounts. University was hiding this data breach from FBI and was giving free credit of one year to the infected employees.

But on the 22 January of this year, affected staff was notified by the FBI. Now FBI is investigating this case. In June 2015, the email accounts of two IT department employees were hacked by Chinese hackers and they were stealing the internal information of Virginia University.

CEO of iboss Cyber security said about this data breach,” It look like a small data breach but in actual it is not. Financial credentials of the employees, SSN (Social Security Numbers) of employees has been stolen by the hackers in this hack. It is very easy for the hackers to sell this information in black market of dark web.”

Paul Martini (CEO) also said that there is need to improve security methods of most sophisticated networks to protect them from these type of Data Breach attacks. Phishing is a game of mind and hackers just need some social marketing skills to spread malware through it.

Source: zdnet