BOULDER, Colo. — A cyberattack that targeted a third-party vendor used by the University of Colorado impacted 300,000 records containing personal information ranging from transcripts to medical information to some social security numbers.
The attack happened in late January, and according to a Q&A posted to CU’s website on Friday, the university is refusing to pay a ransom requested by the hackers at the advice of the FBI.
The university said the people impacted by the cyberattack will receive a notification the week of April 12 and will receive credit monitoring, identity monitoring, fraud consultation and identity theft restoration.
> Video above: What to know about ransomware.
CU said most of the people impacted were from the CU Boulder campus, with some associated with CU Denver. The campuses in Colorado Springs and at Anschutz were not affected.
“While the full scope has not yet been determined, early information from the forensic investigation confirms that the vulnerability was exploited and multiple data types may have been accessed, including CU Boulder and CU Denver student personally identifiable information, prospective student personally identifiable information, employee personally identifiable information, limited health and clinical data, and study and research data,” CU wrote.
Ten other universities that also used the third-party vendor, called Accellion, were also impacted.
CU Boulder said it suspended its use of the service on Jan. 25, but restored it on Jan. 28 after it said the company made a patch available.
In the aftermath of the attack, CU said its Office of Information Security is “conducting a lessons-learned exercise to improve processes and practices.”
CU Vice President of Communication Ken McConnellogue provided 9NEWS with the following statement about the attack:
"Securing data is a priority at the University of Colorado, so we were disturbed to learn in January that a cyberattack on a third-party vendor we use compromised some student, faculty and staff data. We are notifying those in our community affected of the nature of their data that may have been exposed and providing credit and identity monitoring for them."
Read CU's full Q&A on the attack here.
SUGGESTED VIDEOS: Local stories from 9NEWS