The ‘pho cult’ phenomenon
Established restaurateurs try new concepts in Los Gatos.
Stanford University is investigating claims hackers stole personal data from the School of Medicine.
The alleged theft was part of a larger national cyberattack on universities and organizations that use Palo Alto-based Accellion Inc.’s 20-year-old File Transfer Appliance, the university said in a statement. The FTA is a third-party file-sharing service.
“Stanford University School of Medicine has learned that cybercriminals have claimed they have stolen some School of Medicine data. … We are investigating this incident and we have reported the incident to law enforcement,” the university said.
It was not immediately clear what information was stolen or how many people were affected.
“We are working to determine whether individuals’ personal data has been affected, and we will notify any affected individual,” the university said. “We take data protection very seriously, and as a best practice, we recommend that all individuals remain vigilant and promptly report any suspicious activity or suspected identity theft to the Stanford School of Medicine.”
Hackers had published links to download data allegedly stolen from the university as of March 31, according to the Stanford Daily, the university’s student newspaper.
The newspaper reported that the School of Medicine used the file-sharing service for its Medsecuresend system, which is used to transfer financial and protected health data.
Accellion said the service was attacked once in December and again in January. All known vulnerabilities have since been patched, but the service is set to shut down by April 30.
In addition to Stanford, other victims of the attack include the University of Colorado, Washington State’s auditor, Australia’s financial regulator, the Reserve Bank of New Zealand and U.S. law firm Jones Day, according to the Associated Press.