From their press release.
KEY WEST, Fla., Feb. 27, 2019 /PRNewswire/ — Florida Keys Community College (the “College”) is taking action after discovering that it became the target of a phishing email campaign that compromised several employee email account credentials.
What Happened? On October 19, 2018 Florida Keys Community College (the “College”) learned of suspicious activity regarding an employee’s email account. We immediately launched an investigation, which included working with third-party forensic investigators, to determine the full nature and scope of this incident. The investigation determined that an unknown individual had accessed certain College employees’ email accounts between May 5, 2018 and November 5, 2018.
The contents of the accounts were reviewed through a manual and programmatic process to determine what sensitive data may have been accessible. On January 7, 2019, we confirmed the identities of the individuals who may have had information accessible as a result of the incident and promptly launched a review of our files to ascertain address information for the impacted individuals.
What Information Was Involved? The investigation in this matter confirmed that some combination of the following types of personal information may have been accessible as a result of the incident: name, address, date of birth, Social Security number, passport information, medical information, and username and password.
What is Florida Keys Community College Doing? The College takes the security of personal information in our care very seriously. Upon learning of this event, we promptly notified potentially affected employees and worked with them to secure their relevant College accounts. We are notifying state regulators as required by law. We are notifying potentially affected individuals and will be offering these individuals access to 12 months of free identity protection services and providing additional information on steps to protect their identity.
The College has security measures in place to protect data in its care and is taking steps to enhance data security protections to protect against similar incidents in the future including implementing increased security measures for account access. We implemented Multi Factor Authentication on all email accounts to prevent unauthorized access to accounts without verification by the account owner.
For More Information The College established a dedicated hotline for potentially affected individuals to contact with questions or concerns regarding this incident. For additional information, please call 1-833-231-3356, Monday through Friday, 9:00 a.m. to 6:30 p.m., EST. You may also write to us at 5901 College Rd., Key West, FL 33040.
SOURCE Florida Keys Community College
For full press release: see PRNewswire