Credit monitoring company Equifax announced on September 7th that they experienced a data breach that exposed credit information for approximately 143 million individuals. This information included the person’s name, social security number, date of birth, current and previous addresses, and potentially their driver’s license number. Approximately 182,000 individual’s credit card numbers were also exposed. The breach is still under investigation, and these numbers may change as more information is discovered.
Michigan Tech IT has seen an increase in spam and phishing email enabled by email spoofing—when a user or system sends an email with a forged header so that it appears to be from an @mtu.edu address. We have been working on solutions, and on March 7 a preventative measure will be enabled to help reduce spoofing. After the change is made, email sent from a forged @mtu.edu address will have a much greater chance of being marked as spam.
We recognize there are legitimate tools that include spoofing as a feature (e.g., survey software) and have pre-approved many of the services used on campus that include spoofing as a part of their normal operation. The following will not be impacted by this new tool:
- Alumni – iModules
- Qualtrics Surveys
- Survey Monkey
- Collegiate Link/Campus Labs
- EMAS Recruiting software
- Systems on campus that relay mail through IT-run services
If you use a tool that isn’t listed above, and the email that it sends appears to be from an @mtu.edu address, please contact us so that we can make sure your service isn’t affected. If you have any questions or experience any issues sending legitimate “spoofed” email after March 7, please contact us at firstname.lastname@example.org or 7-1111.
By now, many of you have heard of the data breach at Anthem, which may have also leaked data of Blue Cross Blue Shield of Michigan (BCBSM) members. While BCBSM is still investigating what member data has been breached, we do know that Anthem stored data on BCBSM members who received health care in a number of states outside of Michigan. The data accessed includes names, date of birth, member ID/social security numbers, addresses, phone numbers, emails addresses, and employment information.
Though the investigation as to the extent of the exposure of BCBSM data is still underway, there are a number of steps that all users should take:
- Monitor you current accounts for any unusual activity. Data from the breach may be used to try to answer security questions and access your accounts.
- Sign up for fraud alerts with each of the three major credit bureaus. This will notify potential credit grantors to verify your identity before extending credit. This will stay on your account for 90 days and will allow time for BCBSM to complete their investigation.
- Obtain a current copy of your credit report. You can receive a free copy of your credit report once every 12 months at: https://www.annualcreditreport.com.
- Be aware of unexpected changes to your credit report or credit score. Many sites will monitor your credit but may charge a fee. CreditKarma is a well-respected free site for monitoring your credit score and can be found at: https://www.creditkarma.com.
- Be suspicious of any email related to the breach that asks you to give personal information. Anthem will be directly notifying all impacted members via postal mail and will advise you on the next steps to take. Many cyber criminals are using the incident to target potential members with phishing attempts. If you receive an email that appears to be from Anthem and contains a “click here” link for credit monitoring, it is a scam!
DO NOT click on any links in an email appearing to be from Anthem.
- DO NOT reply to the email or reach out to the senders in any way
- DO NOT supply any information on the website that may open if you do click on a link.
- DO NOT open any attachments that arrive with email.
- If you have received heath care services in California, Colorado, Connecticut, Georgia, Indiana, Kentucky, Maine, Missouri, Nevada, New Hampshire, New York, Ohio, Virginia or Wisconsin, you should contact Anthem at 1-877-263-7995 or visit their website: http://www.anthemfacts.com/.