McGill estimates that 36 Minerva accounts were accessed by a third party using information obtained through this phishing attack. In 14 of these cases, users’ bank deposit information was changed. Upon discovery, Information Security Office disabled access to all 36 affected user accounts and Human Resources are in the process of notifying all individuals affected. We continue to monitor the situation and have contacted the Montreal police.
Because McGill – just like other universities or large organizations – is targeted regularly by phishing attacks, we want to take this opportunity to remind you to be vigilant. We invite you to read the tips provided on our website at http://kb.mcgill.ca/it/phishing to learn how to identify a phishing attack and how you can protect yourself and your personal information. It is also a good idea to periodically review your records to check the accuracy of the information they contain.
If you suspect that you have been a victim of this or a similar attack, please contact the IT Service Desk at ITsupport [at] mcgill [dot] ca or 514-398-3398.
For further reading on identity theft or identify fraud, visit the RCMP website at http://www.rcmp-grc.gc.ca/scams-fraudes/id-theft-vol-eng.htm