UVA LAW SCHOOL — EMAIL FROM PATRICK D. HOGAN — TECHNOLOGY SYSTEM HACK
To the University Community:
The University of Virginia has confirmed that sophisticated attackers originating from China illegally accessed portions of the University’s information technology systems. Federal authorities had alerted the University of a possible cyber attack, and this was confirmed by the University on June 11. Upon becoming aware of the attack, the University engaged Mandiant, an internationally recognized cybersecurity firm, to immediately help the University identify the nature of the attack and take corrective action. This action included enhanced security measures to further fortify University data and systems.
AI Is Reshaping Legal Practice—But Tools Aren’t The Real Differentiator.
Explore the mindset, cultural shifts, and training strategies that define the AI‑savvy lawyer, revealing why human judgment, standardized competence, and integrated learning—not technology alone—will shape the future of the profession.
The University has been working with federal authorities during the course of this investigation.
Our forensic investigation has indicated that _no_ personally identifiable information — such as Social Security numbers and banking information — or personal health information was accessed. There is also no evidence that sensitive research material was accessed.
The University is in the process of upgrading security systems to further strengthen the security of data and information stored on University resources and to help prevent future cyber attacks.
The system security upgrade will begin at 5:00 p.m. ET on Friday, Aug. 14. The upgrade is anticipated to be completed by the evening of Sunday, Aug. 16. During this period of time, access to many University systems, including University email accounts, will _not_ be possible.
AI Is Killing Legal’s Billable Hour. It’s Also Repeating Its Worst Mistake
Law firms and legal departments are writing the future of the profession in separate rooms. What happens when they actually work together?
The University is also requiring all users to change their Eservices login passwords after the system upgrade is complete. (Please see “How do I change my password…” for more details).
It is important to note that the U.Va. Medical Center will not be affected during this system upgrade as its information technology resources are on a separate secured system that was not targeted by the attackers. Patient services will not be affected. U.Va. Health System employees will have access to their systems and Health System email accounts.
You will find answers to additional questions and other information regarding this matter below and online at www.virginia.edu.
When the system upgrade is complete, an email message and a text message will be sent via U.Va. Alerts to users who have registered for the text message service. The community can also check www.virginia.edufor updates on the progress of the system upgrade.
For technical questions related to the system upgrade or the password change, call the U.Va. Help Desk for IT at 4-HELP (434-924-4357) or toll-free 866-469-4866. For general information about this incident, please call toll-free 877-939-6228.
The security of your information and other data stored on University systems is a high priority, and we are working diligently to address this matter. Cyber attacks and other information technology threats have grown rapidly in recent years. These attacks occur in many places, including businesses in the public and private sectors, government and institutions of higher education, and the attacks come in many different forms.
We appreciate your cooperation, and more importantly your patience, as our dedicated teams of professionals work diligently to upgrade our systems and further enhance the University’s information technology infrastructure.
Sincerely,
Patrick D. Hogan
Executive Vice President and COO
Frequently Asked Questions
Q: What do I need to do?
A: When systems come back online, you will need to change your Eservices password.
Q: What is an Eservices password and how do I know if I have one?
A: You use your Eservices password for access to the UVa Exchange Service* (email and calendaring, sometimes referred to as “Outlook”), login to classroom and library computers, network printing, the UVa Hive, Premium Server clients (ES1 and ES3), Home Directory Service, and SharePoint. It can also be used to log into NetBadge. Most faculty, staff, and students have an Eservices account and password.
This account is NOT used for Medical Center email or clinical systems.
* This does NOT include Health System/Medical Center, Darden, or McIntire email services.
Q: How do I change my password on my computer and my mobile devices?
A:
1. If you have a mobile device(s) and read your UVa email (except for Darden, McIntire, and HSTS) on it, put it in “airplane mode.” If not, proceed to step 2.
2. On your computer go to https://whois.virginia.edu/password.
3. Change your password and then immediately shut down your computer.
4. With your mobile device(s) still in airplane mode, change your email password to the password you created in step 3 above on each device.*
5. Wait 15 minutes and restart your computer.
6. Log into your computer, launch email, and enter the new password if prompted.
7. Take your device(s) out of airplane mode.
*On certain Android and other mobile devices you may have to delete the email account and set it up again in order to change the password.
Q: Where do I go for help if I have technical questions?
A: Call the UVa Help Desk for IT at 4-HELP (434-924-4357) or toll free at 866-469-4866.
Q: What happened?
A: Increasingly sophisticated attackers are defeating security measures of the highest order in businesses, government, and institutions of higher education. The University of Virginia has confirmed that attackers originating in China illegally accessed portions of the University’s information technology systems. Federal authorities had alerted the University of a possible cyber attack, and this was confirmed by the University on June 11. Upon becoming aware of the attack, the University engaged Mandiant, an internationally recognized cybersecurity firm, to immediately help the University identify the nature of the attack and take corrective action. This action included enhanced security measures to further fortify University data and systems.
Q: Was data or information accessed during the cyber attack?
A: The University’s forensic examination has indicated that _no_ personally identifiable information — such as Social Security numbers and banking information — or personal health information was accessed by the attackers.
Q: What is the University doing to address this matter and to help prevent future attacks?
A: The University is in the process of upgrading security systems to further strengthen the security of data and information stored on University resources and to help prevent future cyber attacks.
The system security upgrade will begin at 5:00 p.m. ET on Friday, Aug. 14. The upgrade is anticipated to be completed by the evening of Sunday, Aug. 16. During this period of time, access to many University systems, including University email accounts, will not be possible.
The University is also requiring all users to change their U.Va. Eservices login passwords after the system security upgrade is complete. (Please see “How do I change my password…” for more details).
Q. During the system security upgrade, how will the University community be notified of emergency situations?
A. The University employs a range of technological solutions to assist it in alerting the community to emergency situations as quickly as possible. Emergency alerts are reserved for critical incidents that pose an imminent threat to the health and safety of the University community.
During the system upgrade, access to many University systems and email will not be available. Emergency notifications during the system upgrade will be conveyed via the following channels:
– Fire alarm – indicates the need to evacuate the building immediately.
– Siren – indicates that there is an imminent threat to the University community. If you are outside and hear the siren and audible announcement, follow the announced instructions. If the audible announcement cannot be understood, immediately check your cell phone for a U.Va. Alert message or go to U.Va.’s Emergency Homepage (uvaemergency.virginia.edu) for information on the emergency. For those without access to electronic communication devices, follow your department’s emergency protocols.
– U.Va. Alerts – notifies registered users via text message.
– Public address system announcements – announces emergency information in locations where public address systems are available.
– Official University of Virginia social media channels
Q: How will students be impacted by this system upgrade?
A: Students will not be able to access University email accounts, SIS, UVa Collab or other affected systems during the system upgrade.
The “Just Report It” online system will _not_ be available during the upgrade. Complaints normally submitted via the “Just Report It” online system should be reported to the University Police Department (434-924-7166) or to CAPS (434-972-7004).
Q: Will www.virginia.edu and related websites be unavailable during the system update?
A: Many University websites will _not_ be available during the system update. The University’s homepage, www.virginia.edu, will have limited functionality while offering updated information regarding the status of the system security upgrade.
The U.Va. Health System and U.Va. Athletics websites will not be affected and will be available to access.