Follow up to 10/31 cybersecurity incident

I am following up to provide additional information and resources regarding the cybersecurity incident impacting the Penn community. On October 31, Penn discovered that a select group of information systems related to Penn’s development and alumni activities had been compromised.  Penn employs a robust information security program; however, access to these systems occurred due to a sophisticated identity impersonation commonly known as social engineering.

Penn’s staff rapidly locked down the systems and prevented further unauthorized access; however, not before an offensive and fraudulent email was sent to our community and information was taken by the attacker. Penn is still investigating the nature of the information that was obtained during this time.

It is important to note that all systems have been restored and are fully operational.

We recognize the severity of this incident and are working diligently to address it. Since the incident, Penn’s information security teams have been working around the clock. Penn has notified the FBI and continues to work with law enforcement. We are investigating the incident with the assistance of third-party cybersecurity professionals, including CrowdStrike, an industry leader in cybersecurity.

We encourage our entire community – inside and outside of Penn – to be wary of suspicious calls or emails that could be phishing attempts, particularly those that may be soliciting fraudulent donations, asking for your system credentials, or suggesting you change credentials or passwords. Also be wary of any embedded links in emails that you are not familiar with. For more information about how to keep your system and Penn’s secure, read Penn’s Information Systems & Computing (ISC) tips on protecting your information. https://isc.upenn.edu/security/aware/desktop

Sincerely,

Joshua Beeman

Interim VP of Information Technology & Interim Chief Information Officer