June 4, 2021
This week we restored most of our systems and are getting back to our focus on teaching and learning. Most services are back online, and registration is open for summer and fall semesters
The investigation is ongoing, and we continue working closely with law enforcement and security experts. This was an attack directed at our networks and impacted several servers as well as hundreds of desktop computers. As part of the attack, some information was encrypted by malicious software, malware, that limited our access to important information. Through multiple processes we now have access to most of that information and have been able to bring most services back online.
Attacks like these are unfortunately not rare, and in the past few months have impacted some of the largest universities and companies in the world. We’re going to keep improving our security so we can keep providing accessible, affordable access to higher education.
Anwers to Frequently Asked Questions
Did the hackers steal any personally identifiable
information (PII)? The investigation is ongoing, and
we have not found any evidence of this, but if we discover
information that personal information has been compromised, we
will notify those students individually and disclose the
specific data elements potentially affected.
Did the hackers steal credentials to log on to accounts
like student Gmail?
Our investigation is still ongoing but to date, we have found no evidence of any student credentials being compromised and no evidence of keyloggers or other malware being distributed on Sierra websites.
Can the hackers now access my bank
account? Direct deposits and student aid
distributions are handled by a third-party vendor that was not
impacted by this incident. In addition, our investigation has
not found any evidence that student banking credentials have
been compromised due to this incident.
- What are you doing differently now to ensure this doesn’t happen again? We have implemented several additional best practices to our security at the user and enterprise level and continue working with our security consultant to improve our security.