The University issued the following message to faculty, staff and students on Aug. 8: (h/t/, SC Magazine):
Dear Members of the Emory Community:
Emory University is investigating a breach of its information technology infrastructure that is similar to incidents recently reported by other academic institutions and large organizations. We are working closely with information security consultants and law enforcement to determine the source and impact of this breach.
We are not aware at this time of any protected health information or Social Security numbers being compromised. We do not have any indication at this time that Emory Healthcare IT systems have been affected.
As a precaution, we recommend that anyone with an Emory University netID/username change the password to that account. You may update your password by following the “Change Your Password” link on the Emory University home page. As we learn more about the extent of this incident, we may ask you to repeat this process.
In addition, if you use your Emory password for any personal accounts, such as accessing your banking account or credit cards online, we recommend that you also change those passwords from a non-Emory device and network.
Information security is one of Emory University’s highest priorities and we are continually upgrading our systems to defend against cyber attacks. Like many institutions, Emory repels millions of attempted attacks on its information systems each day. In recent months, a number of large organizations have reported attacks involving their information systems. Preliminary indications are that the breach at Emory bears many similarities to these incidents.
Because of the ongoing nature of the investigation, we cannot at this point give more details, but we will provide updates to the Emory community in due course. Thank you for your patience and support during this process.
Sincerely,
Rich Mendola
Enterprise Chief Information OfficerBrad Sanford
Chief Information Security Officer