{"id":2195,"date":"2024-08-28T19:03:53","date_gmt":"2024-08-28T19:03:53","guid":{"rendered":"https:\/\/blogs.luc.edu\/uiso\/?p=2195"},"modified":"2024-08-28T19:48:10","modified_gmt":"2024-08-28T19:48:10","slug":"update-to-locus-phishing-breach-posted-on-june-24-2024","status":"publish","type":"post","link":"https:\/\/blogs.luc.edu\/uiso\/update-to-locus-phishing-breach-posted-on-june-24-2024\/","title":{"rendered":"\u00a0Update to LOCUS Phishing Breach Posted on June 24, 2024"},"content":{"rendered":"<p>&nbsp;<\/p>\n<p>On June 24, 2024, Loyola University Chicago posted notice of certain data security incidents involving student refunds and Loyola\u2019s investigation into such incidents.\u00a0 The incidents involved the unauthorized change (\u201cUnauthorized DDPI Change\u201d) of certain student direct deposit profile information (\u201cDDPI\u201d) included in LOCUS by one or more unauthorized actors (\u201cBad Actors\u201d).<\/p>\n<p>Since the June post, Loyola has worked to develop and implement a number of additional safeguards to address the problem of Unauthorized DDPI Changes, which have continued to occur.<\/p>\n<p>As a result of Unauthorized DDPI Changes, Loyola has put in place a notification system that alerts students when their DDPI has changed.<\/p>\n<p>As noted in the June 2024 post, when Loyola becomes aware of student accounts where there has been an Unauthorized DDPI Change, the Information Technology Services team will continue to institute a forced reset of the passwords for such students.<\/p>\n<p>Students are encouraged to stay diligent in safeguarding their Loyola credentials.<\/p>\n<p>Loyola\u2019s investigations into the Unauthorized DDPI Changes have linked such changes to phishing schemes perpetrated by one or more Bad Actors. \u00a0Such schemes have also impacted other universities and colleges. In some schemes, the Bad Actor sends students a phishing email, which leads to the disclosure of the student\u2019s LOCUS password and allows the Bad Actor to access LOCUS and change the student\u2019s DDPI to a bank account under the Bad Actor\u2019s control.\u00a0 Then, when payments are credited to the student in LOCUS, the actual funds are forwarded to the Bad Actor\u2019s unauthorized bank account instead of the student\u2019s account.<\/p>\n<p>Loyola takes these incidents very seriously and has invested hundreds of hours in recent months to investigate such incidents and to develop and implement the safeguards described above.\u00a0 Loyola monitors its systems for unlawful attacks and, on an ongoing basis, implements new technologies intended to defeat such attacks and protect the personal information of Loyola faculty, staff, and students.\u00a0\u00a0 However, Loyola is unable to monitor and prevent phishing schemes and urges all LOCUS users to be alert to such schemes.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>&nbsp; On June 24, 2024, Loyola University Chicago posted notice of certain data security incidents involving student refunds and Loyola\u2019s investigation into such incidents.\u00a0 The incidents involved the unauthorized change (\u201cUnauthorized DDPI Change\u201d) of certain student direct deposit profile information (\u201cDDPI\u201d) included in LOCUS by one or more unauthorized actors (\u201cBad Actors\u201d). Since the June [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2,3,5,7],"tags":[],"class_list":["post-2195","post","type-post","status-publish","format-standard","hentry","category-front-page","category-hacks","category-phishing","category-published"],"_links":{"self":[{"href":"https:\/\/blogs.luc.edu\/uiso\/wp-json\/wp\/v2\/posts\/2195","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.luc.edu\/uiso\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.luc.edu\/uiso\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.luc.edu\/uiso\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.luc.edu\/uiso\/wp-json\/wp\/v2\/comments?post=2195"}],"version-history":[{"count":1,"href":"https:\/\/blogs.luc.edu\/uiso\/wp-json\/wp\/v2\/posts\/2195\/revisions"}],"predecessor-version":[{"id":2196,"href":"https:\/\/blogs.luc.edu\/uiso\/wp-json\/wp\/v2\/posts\/2195\/revisions\/2196"}],"wp:attachment":[{"href":"https:\/\/blogs.luc.edu\/uiso\/wp-json\/wp\/v2\/media?parent=2195"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.luc.edu\/uiso\/wp-json\/wp\/v2\/categories?post=2195"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.luc.edu\/uiso\/wp-json\/wp\/v2\/tags?post=2195"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}