Body: 

From: University Information and Technology

OSU Community Members, 

Approximately 400 Oregon State University student, staff and faculty accounts have been compromised by an email phishing attack that took place on Monday, May 16. To secure the affected accounts and protect student and university data, we have reset the passwords on those accounts. 

If you believe that you have clicked on a phishing email, we recommend you immediately reset your password as a precaution. 

What is happening? 
As a result of OSU accounts being compromised, a malicious actor can freely login to a student or employee’s account and access personal and university information. Similar phishing attacks have been reported at other universities and colleges nationwide. 

How does this impact me? 
The immediate impact is to the 400 accounts that were compromised. While these accounts had their passwords reset, we may need to take further action to prevent additional risks to university systems and operations – up to and including needing to reset passwords for all OSU community members. 

What do I need to do? 
If you believe that you have clicked on a phishing email, we recommend that you immediately reset your password as a precaution. 

For additional information about malicious attacks, please review available materials on Phishing on the Office of Information Security website and consider joining us for ‘FYI Friday’, this Friday, May 20 at 1 p.m., for a session on phishing and how to protect yourself. 

In the last few months, we have seen many other people become compromised by phishing emails. As a standard precautionary measure, we ask that you always take extra care when deciding whether to click on links in email messages. 

If you have any questions or concerns regarding this incident, please contact the OSU Service Desk at beav.es/help or by calling 541-737-8787. 

Thank you, 

Andrea Ballinger, Vice Provost & CIO 
Oregon State University | University Information and Technology 

Send Date: 
Tuesday, May 17, 2022