York University was the victim of a “serious cyber attack” over the weekend.
According to the school, the attack on Friday evening corrupted a number of University servers and workstations.
“Fortunately, the attack was quickly identified by UIT staff, who immediately took the necessary steps to mitigate the scope and potential severity of the attack by shutting down York’s computer systems and engaging external forensic experts to fully investigate this extremely serious situation,” said York’s Chief Information Officer, Donald Ipperciel.
“As you can imagine, the investigation is complex, is still ongoing and will likely take some days to complete.”
UPDATE: Work continues to bring systems back on line following the cyber attack on the weekend. As of this morning, more functionality has been restored and a current list of functional systems can be found here: https://t.co/WUw5h3h1b4 (1/3)
— York University (@yorkuniversity) May 4, 2020
The University said that over the weekend, functionalities restored included Office 365 (including email), password change, on-campus student access to the internet, as well as the York website.
The school is continuing to work on other aspects that they say will be restored as soon as possible. That includes:
- VPN for HR and Finance
- Mymail / Central Mail
- All remaining faculty websites
While the investigation continues, CRM student email, most VPN, HR, Finance SIS systems, and internal drives are not available.
“We sincerely regret the inconvenience caused by this cyber attack and would ask for your continued patience and understanding as we work as quickly as possible to return York’s computer systems to full operational status while ensuring their integrity and security,” said Ipperciel.
“As we bring York’s computer systems back into service, to ensure maximum security and as an important step in safely restoring systems, the entire York community will need to change their current passwords. We will advise when this needs to take place.”