On Monday, January 10, 2022 the North Orange County Community College District (NOCCCD or the District) identified suspicious activity on various network servers. The District began investigating the activity with the assistance of outside computer forensic specialists to determine the nature and scope of the incident. The District learned that an unauthorized actor accessed both Cypress College's and Fullerton College's networks at varying times between approximately December 7, 2021 and January 10, 2022. Files containing information for certain individuals may have been viewed and/or taken by the unauthorized actor.
What is the District doing?
Upon becoming aware of this issue, the District launched a response to secure our network, restore college operations, and investigate what happened. We are also coordinating with the colleges to review and enhance existing policies related to data protection, and have implemented multi-factor authentication as well as an advanced threat protection and monitoring tool to better protect data. New and expanded employee cybersecurity trainings are being implemented throughout the District. We reported this incident to relevant regulators, as appropriate. We have also reported this incident to the FBI.
What data was impacted?
Once the attack was discovered, the District immediately launched an investigation with the assistance of leading cybersecurity specialists into the nature and scope of the attack. The forensic investigation confirmed that the cybercriminals gained access to our networks, and that personal information may have been accessible as a result.
The potentially impacted data may vary by individual. NOCCCD sent mailed letters to impacted individuals and provided notice via this posting as well as a posting on Fullerton College's website: https://isc.fullcoll.edu/ and Cypress College's Dental Clinic website: https://emma-assets.s3.amazonaws.com/uzxbb/600300ce7fae020e6a786cfc208e387d/NOCCCD_-_Substitue_Notice__dental_clinic_.pdf.
I didn't receive a letter, is my information impacted?
On March 25, 2022, NOCCCD began mailing formal notification letters to impacted individuals. If you did not receive a letter but you believe that your information was impacted please call 1-833-783-1440 between the hours of 6 a.m. to 6 p.m. PT Monday through Friday.
Was this a ransomware attack?
Yes, Cypress College and Fullerton College experienced a ransomware attack. Cypress College and Fullerton College immediately took steps to confirm the security of their systems, including the deployment of an advanced threat protection and monitoring tool.
What if I want to speak to someone regarding this incident?
We have established a confidential assistance line for you to utilize if you have questions or concerns regarding this incident. Please call 1-833-783-1440 between the hours of 6 a.m. to 6 p.m. PT Monday through Friday.
What can I do to protect against identity theft or fraud?
Although NOCCCD has no indication at this time that any identify theft or fraud has occurred in relation to this event, the following are best practices to take after any data privacy event:
There are fraudulent charges on my credit/debit card. What do I do?
At this time, the District has no indication that credit/debit card information was specifically impacted by this incident. However, you should immediately contact your bank or financial institution if you identify any fraudulent or suspicious charges on your credit or debit card. They will provide instructions on how to dispute the charges and have a new account issued to avoid any further suspicious activity. Incidents of identity theft should also be reported to your local law enforcement.
Should I check my credit report?
You should monitor your credit report regularly regardless of whether your information may have been exposed or you think you may be a victim of identity theft or fraud. Every U.S. consumer over the age of 18 can receive one free credit report every 12 months by contacting one of the three national credit bureaus or through the Annual Credit Report Service by visiting www.annualcreditreport.com or calling toll-free, 1-877-322-8228.
What is the purpose of a "fraud alert"?
A fraud alert tells creditors to contact you before they open a new credit account under your Social Security number. An initial fraud alert is a one-year alert that is placed on a consumer's credit file at no cost to the consumer. Upon seeing a fraud alert display on a consumer's credit file, a business is required to take steps to verify the consumer's identity before extending new credit. If you are a victim of identity theft, you are entitled to an extended fraud alert, which is a fraud alert lasting seven years. Should you wish to place a fraud alert, please contact any one of the following agencies:
|Equifax Fraud Alert, P.O. Box 105069 Atlanta, GA 30348-5069||Experian Fraud Alert, P.O. Box 9554, Allen, TX 75013||TransUnion Fraud Alert, P.O. Box 2000, Chester, PA 19016|
What is the purpose of a security freeze?
A security freeze will prohibit a consumer reporting agency from releasing information in your credit report without your express authorization. The security freeze is designed to prevent credit, loans, and services from being approved in your name without your consent. You should, however, be aware that using a security freeze to take control over who gets access to the personal and financial information in your credit report may delay, interfere with, or prohibit the timely approval of any subsequent request or application you make regarding a new loan, credit, mortgage, or any other account involving the extension of credit. Pursuant to federal law, you cannot be charged to place or lift a security freeze on your credit report. Should you wish to place a security freeze, please contact the major consumer reporting agencies:
|Equifax Credit Freeze, P.O. Box 105788 Atlanta, GA 30348-5788||Experian Credit Freeze, P.O. Box 9554, Allen, TX 75013||TransUnion Credit Freeze, P.O. Box 160, Woodlyn, PA 19094|
I think I may be a victim of identity theft. What should I do?
If you believe you are a victim of attempted or actual identity theft or fraud, we encourage you to take the following steps: