Cybersecurity Incident Information

The cybercriminals responsible for the recent security incident published some amount of Northeastern State University data on the dark web. We are currently working to determine the extent to which it includes any sensitive personal information. Due to how cybercriminals publish data, it may take time to determine the full scope and nature of this data. We will provide notification to any individuals whose protected information is found to have been compromised in the course of this investigation, in accordance with all applicable laws, once the investigation is complete.

• Anybody can place a fraud alert on their credit file.
  
  You may place an initial one-year "fraud alert" on your credit files at no charge. A fraud alert tells creditors to contact you personally before they open any new accounts. To place a fraud alert, call or visit the website of any one of the three major credit bureaus at the numbers listed below. As soon as one credit bureau confirms your fraud alert, they will notify the others.

Equifax P. O. Box 105788 Atlanta, GA 30348 https://www.equifax.com/personal/credit-report-services/credit-fraud-alerts/ (800) 525-6285

Experian P. O. Box 9554 Allen, TX 75013 https://www.experian.com/fraud/ center.html (888) 397-3742

TransUnion P. O. Box 6790 Fullerton, CA 92834-6790 https://www.transunion.com/fraud-alerts (800) 680-7289

---

• You could also obtain a credit report for review. Under federal law, you are entitled to one free credit report every 12 months from each of the above three major nationwide credit reporting companies. Call 1-877-322-8228 or request your free credit reports online at www.annualcreditreport.com. Once you receive your credit reports, review them for discrepancies. Identify any accounts you did not open or inquiries from creditors that you did not authorize. Verify all information is correct. If you have questions or notice incorrect information, contact the credit reporting company.
  
  Even if you do not find any suspicious activity on your initial credit reports, the Federal Trade Commission (FTC) recommends that you check your credit reports periodically. Checking your credit report periodically can help you spot problems and address them quickly.
  
  If you find suspicious activity on your credit reports or have reason to believe your information is being misused, call your local law enforcement agency and file a police report. Be sure to obtain a copy of the police report, as many creditors will want the information it contains to absolve you of the fraudulent debts. You may also file a complaint with the FTC by contacting them on the web at www.ftc.gov/idtheft, by phone at 1-877-IDTHEFT (1-877-438-4338), or by mail at Federal Trade Commission, Consumer Response Center, 600 Pennsylvania Avenue, NW, Washington, DC 20580. Your complaint will be added to the FTC's Identity Theft Data Clearinghouse, where it will be accessible to law enforcement for their investigations. In addition, you may obtain information from the FTC about fraud alerts and security freezes.

---

• If you are very concerned about becoming a victim of fraud or identity theft, you may also request a "security freeze" be placed on your credit file at no charge.
  
  A security freeze prohibits, with certain exceptions, the consumer reporting agencies from releasing your credit report or any information from it without your express authorization. You may place a security freeze on your credit report by contacting all three nationwide credit reporting companies at the numbers below and following the stated directions or by sending a request in writing, by mail, to all three credit reporting companies: 

Equifax Security Freeze P.O. Box 105788 Atlanta, GA 30348 https://www.equifax.com/personal/credit-report-services/credit-freeze/ 1-800-349-9960

Experian Security Freeze P.O. Box 9554 Allen, TX 75013 http://experian.com/freeze 1-888-397-3742

TransUnion Security Freeze P.O. Box 2000 Chester, PA 19016 http://www.transunion.com/securityfreeze 1-888-909-8872

In order to place the security freeze, you'll need to supply your name, address, date of birth, Social Security number, and other personal information. After receiving your freeze request, each credit reporting company will send you a confirmation letter containing a unique personal identification number (PIN) or password. Keep the PIN or password in a safe place. You will need it if you choose to lift the freeze.

The Office of International Programs routinely collects passport information for students, faculty and staff participating in study abroad programs and international recruitment efforts. It appears that at least some of this passport information may have been included in data stolen by the cybercriminals. At this point, we do not know the scope of passport information that might be impacted.

The U.S. State Department does not recommend reporting your U.S. passport lost or stolen if your passport number was compromised. According to the State Department, you should only report your U.S. passport lost or stolen if the original, physical version of the passport book or passport card has been lost or stolen. Once you report a U.S. passport lost or stolen, it is invalid and cannot be used for international travel.

All user passwords were changed on June 4, 2023. Your first step in regaining access will be to go through the first time user process which can be found at the bottom of sso.nsuok.edu.

The new password you choose will need to meet the following requirements:

• Be a minimum of 15 characters 
• Contain at least one special character 
• Contain at least 1 uppercase 
• Contain at least  1 lowercase letter
• Contain at least 1 number
• Be different than your current password

We should always keep the following recommendations in mind managing email and spending time online:

• Do not click on links promising information about a pay bonus, bank account issues, and such. No reputable organization, including NSU, will ever ask you to email sensitive information such as a tax return, direct deposit bank account numbers, W2, or SSN.
• Use apps that you know and trust. Download software only from verified sources such as the App Store or Google Play.
• Verify that attachments are safe before downloading them. Cybercriminals may ask you to download a virus-containing attachment in order to view an update to an order, claim a prize, or change your payment method.
• Pause before you open an email. Ask yourself if you were expecting an offer or a notice of a prize gift card, or if you have a package scheduled for delivery that may be delayed?
• Verify links before clicking. When online shopping, click only on ads or links from a reputable source such as a retailer's official social media profile.
• Use official apps from FedEx, USPS and UPS rather than clicking on links claiming a package is delayed or canceled, particularly if you don't remember ordering something to be delivered.

If you receive a suspicious message, we recommend the following:

• If you suspect the message is phishing but want to be sure, reach out directly to the person or organization using saved contact information or information found on a trusted website.
• If using Gmail in your browser, click on the kebab menu (three vertical dots menu in the upper right corner) and select "Report Phishing." This will help Google - and therefore NSU - identify the offending message for quarantine.
• Always exercise extreme caution when clicking on links that are hidden in email text. Try to hover over the text and if the full URL is not available, go directly to the website yourself and navigate to where the message is trying to take you.
• DO NOT give passwords to anyone! IT will never request this information, nor will the government or any reputable organization, whether it is your bank or your ISP.

Do not respond to the email, text, or phone call, and immediately report it to itsecurityresponse@nsuok.edu.

It is always a good idea to regularly change passwords on all accounts, such as online banking and credit card accounts, and to monitor your accounts for unusual activity. Tips for setting strong passwords include:

• Use different passwords on different systems and accounts.
• Don't use passwords that are based on personal information that can be easily accessed or guessed.
• Use the longest password or passphrase permissible by each password system.
• Don't use words that can be found in any dictionary of any language.
• Refer to Tips on choosing and protecting passwords for best practices and additional information.

If you know or suspect that you are a victim of tax-related identity theft, the IRS recommends these actions:

• Respond immediately to any IRS notice: Call the number provided.
• If your e-filed return is rejected because of a duplicate filing under your Social Security number, or if the IRS instructs you to do so, complete IRS Form 14039, Identity Theft Affidavit (PDF). Use a fillable form at IRS.gov, print, then attach the form to your return and mail your return according to instructions.
• Visit IdentityTheft.gov for steps you should take right away to protect yourself and your financial accounts.

More info at the link below:

https://www.irs.gov/newsroom/taxpayer-guide-to-identity-theft

The IRS website provides information on this topic and instructions on steps you can take to address it:

Returning an Erroneous Refund – Paper Check or Direct Deposit

The NSU-RiverHawks-Guest network does not require login credentials and should be treated like a public WIFI network. Best practices while utilizing a public WIFI network include ensuring your device settings are up to date and using strong passwords.