The email was specifically sent to recipients within the UVA Community (July 11) at 9 AM. If you have received the email, it is important that you follow the instructions provided in the message as soon as possible.
UVA Information Security
Dear Faculty, Staff, Students, and Colleagues:
On June 1, the University was the target of a sophisticated cyberattack. Within hours of occurrence, this unauthorized access was identified and contained by our Information Technology Services (ITS) team.
During this incident, information was exposed that could make it easier for a third-party to obtain a UVA academic password. Therefore, out of an abundance of caution, we are requiring that passwords be reset.
What you need to do
Please reset your UVA academic password now to maintain uninterrupted access to our shared systems, such as UVA email, networks, and other centrally supported services and applications.
Step-by-step instructions for resetting your password can be found at: https://in.virginia.edu/pw.
Passwords not reset by 9 a.m. on Wednesday, July 12 will result in temporary loss of access to UVA email and other shared systems.
If you have tried the instructions above and need further assistance, our UVA Help Desk is available to help: hxxps://in.virginia.edu/helpdesk. Due to the high volume of anticipated requests, the quickest way to receive help will be via our Help Desk chat option. You may also call the ITS Help Desk at 4-HELP (434-924-4357) or toll-free 866-469-4866.
This message can be validated with the UVA Help Desk with reference code: #######.
Please note the importance of using unique passwords for university and personal accounts, as per University authentication standards. If your practice has been to use the same passwords for multiple accounts, you are strongly encouraged to also change your password for all other accounts where it has been used.
What you need to know
Our investigation indicates that no personally identifiable or financial information — such as names, Social Security numbers, and banking information — or personal health information was accessed. In fact, no information on our servers classified for highly sensitive data was compromised.
It is also important to note that UVA Health systems were not affected.
UVA Health Team Members: Your UVA Health passwords (Single Sign On, etc.) do not need to be reset unless you have used the same password for both your UVA academic and UVA Health accounts. If you have a UVA academic password, please reset it now.
UVA Wise, School of Law, Darden: Your school’s passwords do not need to be reset unless you have used the same password for both UVA academic and your school’s accounts. However, you will need to reset your UVA academic password.
Additional details about this cyber security incident can be found at: https://in.virginia.edu/incident-response.
The security of your information and other data stored on University systems is a top priority, and we continually invest in and harden our information security measures as cyber-attacks grow ever more sophisticated and frequent. Our measures successfully safeguard our systems against many such attempts every day.
We are making every effort to limit any inconvenience or loss of account access caused by this password reset process and have expanded our UVA Help Desk support services to ensure help is available if needed. We appreciate your expedient cooperation and patience as we work through this next step in our incident response, together.
Very truly yours,
Jennifer (J.J.) Wagner Davis
Executive Vice President and Chief Operating Officer
Interim Vice President & Chief Information Officer
Chief Information Security Officer
UVA Help Desk Reference #######