Cybersecurity Alerts

This page provides the most recent Cybersecurity Alerts for campus users, including students, employees and others with North Carolina A&T e-mail accounts. Bookmark it for information and suggested actions, if any, that are being encouraged around specific threats.


 August 18, 2023

Data Breach Affects Some Students, Employees

North Carolina Agricultural and Technical State University has been informed by third-party vendors that provide services to students and employees of a cyberattack that exposed the personal data of some of their customers.

The data incident affected numerous organizations that use the MOVEit file transfer protocol or FTP system. Organizations affected include, but are not limited to, the National Student Clearinghouse, TIAA and Corebridge Financial (formerly VALIC).

While no systems owned or operated by N.C. A&T were compromised in this incident, the investigation of breached systems determined that unauthorized parties obtained files containing personal information from some customers or users, including individuals affiliated with A&T. Those organizations serving A&T employees are contacting any affected individuals directly. Any student whose data was compromised will be notified by National Student Clearinghouse on behalf of A&T.

It appears that a small percentage of our student body and employee ranks was affected in this incident. Neverthless, as a consequence of this breach, we are once again encouraging students and employees to take important steps to protect their personal information. Our university takes cybersecurity and data privacy seriously, and we urge students and employees to do the same.

Things you can do to protect yourself

  1. Be extra vigilant. Cyber criminals may leverage stolen personal information from this attack to create convincing phishing attacks in the coming weeks and months. An email, notice or text message containing accurate information about you or one of your accounts is not enough to verify authenticity. Verify the source of a message before responding. Take note ofhow to identify and avoid a phishing attack. Cyber criminals also use phone calls to obtain personal or financial information.
  2. Monitor your financial accounts and credit report.It is always wise to monitor credit reports for unusual activity. Consider putting a credit freeze in place to frustrate would-be scammers if you believe you are being targeted. 
  3. Secure your accounts.Remember to enable two-factor authentication and to use long passphrases for all of your accounts. Click here for guidance on setting effective passwords. Never give someone your password or a two-factor code if asked for it, even if they claim to be from a trusted organization.

 


 

May 19, 2023

Phishing Scam Targets A&T Students

Multiple students and employees have been the target of a phishing scam where the scammer masquerades as a North Carolina A&T faculty member communicating on behalf of the university and offering a job as a research assistant.  

Red Flags

  • The fake faculty or staff sender email address ends in @gmail.com, not @ncat.edu.
  • The recipient is asked to provide a resume.
  • The recipient is asked for personal identifiable information (PII) (e.g., SSN, DOB, banking information, etc.).
  • The recipient is "hired" on the spot.
  • The recipient is sent a counterfeit check for deposit that features the university's logo.
  • The recipient is asked to use the funds from the deposit to pay for office supplies using Zelle.

If you have been targeted and sent your resume to one of the fake email accounts, notify any reference listed on your resume.

Contact your financial institution immediately if you deposited the fraudulent check or if you conveyed your financial institution’s name and/or account number to the sender. 

Please notify informIT@ncat.edu

  • if you received the phishing attempt.
  • if you sent your full or partial Banner ID to the sender.
  • if you have any questions.

Accessing the FTC Identity Theft Resource is recommended

  • if you sent your full or partial SSN.
  • if you suspect that you’re an identity theft victim.