From: HR Services <email@example.com>
Subject: Security alert
Yesterday cyber criminals captured the login credentials of three employees and used them to steal Personal information. ICT is in the process of investigating and reviewing system audit trails to determine how this occurred.
As a precaution We have blocked access to the Self Service functions that allow the downloading of W2 forms.
Please login to your Self Service to ensure that there has been no alteration to your contact or any other details.
If you notice any unauthorized changes, contact HUMAN RESOURCES IMMEDIATELY.
We have not yet determined a specific attack vector for this incident, but ICT is actively monitoring systems activities and implementing proactive controls. We are working to develop strategies to prevent future attacks of this type on our systems. Once these strategies are in place We will restore access to the disabled services.
If you need to modify any of your personal information while online services are disabled, please contact:
HR Service Center (732) 445-8000, firstname.lastname@example.org
Many universities across the country are also suffering from this type of cyber attacks, so we ask you to remain vigilant in your computing practices and to let us know of any unauthorized activity on your account. Information security is everyone’s responsibility, please notify us immediately at email@example.com if you suspect any kind of malicious cyber activity.