Chime and Go2Bank Fraudulent Activity

We have seen a new wave of fraudulent activity affecting UCI members that involves Chime and Go2Bank. Unauthorized individuals are opening accounts using a UCI member’s personal information, and the member is then notified through their UCI email, personal email, and/or a physical letter with a debit card delivered to their mailing address.

This has also been reported at other UC locations. UCOP is giving the same guidance that was communicated in 2021.

We also suggest reviewing our Identity Theft Protection Tips. However, it appears Chime isn’t doing a credit check before creating accounts, so in that case a credit freeze hasn’t helped.

We recommend not clicking on any links in any email you receive from them. Do not transfer any funds into these accounts.

For Chime, forward the “Welcome to Chime” email to support@chime.com or call them at (844) 244-6363, and ask them to cancel the fraudulent account for you.

For Go2Bank, call them at (855) 459-1334 or contact them by using one of the methods listed at https://www.go2bank.com/help/contact-us.

If you are a UCI member and have any questions, contact security@uci.edu.

Critical macOS and iOS Patches 04/2023

Apple has released critical patches for iPhones, iPads, and Macs to address actively exploited zero-day flaws that can result in complete device compromise and data breach. The vulnerabilities are tracked as CVE-2023-28206 and CVE-2023-28205.

Please manually initiate a system update to patch these devices as soon as possible.


Critical Microsoft Outlook Vulnerability 03/2023

There is a critical Microsoft Outlook vulnerability for Windows (CVE-2023-23397) that allows hackers to remotely steal hashed passwords when the victim simply receives an email, and it is being actively exploited.

Please ensure system and application updates are initiated and devices are patched as soon as possible. Another layer of defense is to block outbound TCP 445/SMB at your network firewall.
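
To check that the outbound TCP 445 block recommended above is actually in effect, the following added example (not part of the original advisory) scans firewall flow records for SMB connections leaving the network. The log format, the sample records and the internal address ranges are assumptions constructed for illustration.

```python
import ipaddress

# Assumption: address ranges treated as "inside" the network (RFC 1918 here;
# replace with your own campus or site ranges).
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample records, not real traffic.
# Hypothetical format: timestamp src dst proto dport action
SAMPLE_FLOWS = """\
2023-03-20T09:14:02Z 10.20.1.15 10.20.5.10 TCP 445 ALLOW
2023-03-20T09:14:07Z 10.20.1.15 203.0.113.45 TCP 445 ALLOW
2023-03-20T09:15:31Z 10.20.1.22 198.51.100.7 TCP 443 ALLOW
2023-03-20T09:16:48Z 10.20.3.40 198.51.100.9 TCP 445 DENY
2023-03-20T09:17:05Z 192.168.7.8 203.0.113.45 UDP 445 ALLOW
malformed line
"""

def is_internal(addr):
    return any(addr in net for net in INTERNAL_NETS)

def audit_outbound_smb(log_text):
    """Split internal-to-external TCP/445 flows into (leaked, blocked)."""
    leaked, blocked = [], []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 6:
            continue  # skip malformed records
        ts, src, dst, proto, dport, action = parts
        try:
            src_ip = ipaddress.ip_address(src)
            dst_ip = ipaddress.ip_address(dst)
        except ValueError:
            continue  # skip records with unparsable addresses
        if proto.upper() != "TCP" or dport != "445":
            continue
        # Only flows that start inside and end outside matter for this check.
        if not is_internal(src_ip) or is_internal(dst_ip):
            continue
        target = blocked if action.upper() == "DENY" else leaked
        target.append((ts, src, dst))
    return leaked, blocked

if __name__ == "__main__":
    leaked, blocked = audit_outbound_smb(SAMPLE_FLOWS)
    for ts, src, dst in leaked:
        print(f"NOT BLOCKED: {src} -> {dst}:445 at {ts}")
    print(f"{len(blocked)} outbound SMB attempt(s) denied by the firewall")
```

Any record reported as not blocked means the firewall rule is missing or does not cover that source; denied records identify hosts worth checking for patch status.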


LastPass Security Incident – Actions to Take

Update 3/1/2023: LastPass provided more technical details about the incident and more recommended actions; see more information below.

LastPass, the provider of a password manager & vault security product used by some at UCI, experienced a cybersecurity incident in August of this year. At that time, they reported no impact to customer information and no impact to customer password vaults.

Yesterday, LastPass unexpectedly announced that customer information (company names, end-user names, billing addresses, email addresses, telephone numbers, and IP addresses) and encrypted password vaults were stolen.

Risks

  • We don’t know if a subset or all of their customers are affected, but we are assuming the worst-case scenario.
  • While the stolen password vaults are encrypted with each user’s master password, there is a possibility the master password could be cracked and the vault decrypted over time via brute-force methods, with shorter master passwords being more vulnerable.
  • Since the threat actor has an offline copy of the encrypted vault, UCI multi-factor authentication would not protect against such brute-force cracking.
  • LastPass also revealed that the website URL is not encrypted within the vault; only the username, password, and notes fields are.
  • Since the threat actor also obtained customer names and email addresses, there is an increased risk of them sending phishing messages to trick you into giving them your master password.

Actions to Take

  • A strong master password (see password strength resources below) should make it very difficult and take a very long time to crack any stolen encrypted vault; however, practicing due diligence is always a good idea.
  • Whether you use a personal LastPass account or the UCI-provided LastPass Enterprise account, we recommend you change your LastPass master password to a new unique value that is at least 12 characters long; the longer the better.
  • Never provide your master password (or any password) to anyone. If anyone asks you for it, contact OIT Security immediately.
  • We recommend changing any high-value passwords stored within LastPass within a reasonable timeframe and enabling multi-factor authentication on them where possible as well.
  • If you had a weak master password and also stored any personally identifiable information in a LastPass Secure Note, you may also want to consider these identity theft protection tips.

More Information

Password Strength Resources

New UCI Information Security Website

As Cybersecurity Awareness Month 2022 comes to a close, we have launched a completely redesigned version of the UCI Information Security website at https://security.uci.edu

What’s new on the redesigned website?

  • Completely new look and feel with current UCI branding and theme
  • Focus on content that is of the most relevance to the UCI campus community
  • Simpler organization of content within an improved menu layout
  • Improved search function
  • Improved way to consume announcements and alerts

But this is just the initial rollout; we are continuing to add more content on this new platform every day. That is where we’d like your feedback! Let us know what kind of information you’d like to see added or improved, and we’ll try to prioritize the top vote getters. Please email security@uci.edu with your feedback.