Rich Barlow reports:
Apparently using a common internet deception called phishing, scammers obtained log-in information allowing them to change direct deposit routing information for the paychecks of 10 BU employees in December. The employees’ monthly paychecks were then routed elsewhere.
[…]
Shamblin says that users of suspicious internet protocol (IP) addresses gained access to the Kerberos accounts of 78 employees last month, but they apparently breached only 10 Employee Self-Service (ESS) accounts, which contain direct deposit bank information. The University is investigating whether the remaining 68 were compromised, but Shamblin says that “we have no indication at this time that sensitive information for this population was accessed.”
Read more on BU Today.