From the Exec. VP of Administration and Finance :: Data Incident 2/27/17
Below is a portion of the email distributed on Feb. 27 by Exec. Vice President of Administration and Finance Bruce Budde regarding the data incident that affected a small number of employees at ICC. For further questions, please contact [email protected].
Over the weekend, ICC suffered a data incident. It appears that for a small number of ICC employees, employment and personal information may have been accessed. This incident was discovered when employees reported receiving a confirmation email stating that they had approved the electronic release of their W-2 form when they had not. ICC cyber-security staff immediately closed down external access to our data systems, in particular PeopleSoft systems, and implemented measures to contain the threat.
ICC continues to investigate the cyber-attack and will work with appropriate legal, financial, and law enforcement agencies. At this time, it appears the attack originated through a cloud service in New York. At the same time, ICC’s emergency response team is working to determine which employee accounts were accessed and, if possible, what information was compromised. We have contacted these individuals with steps they should take to protect their information. Rest assured that the College will provide support in mitigating this problem, including credit monitoring.
ICC has had secure software protocols and procedures in place for quite some time, but these can never prevent every threat. The emergency response team and protocol exists to act quickly in situations like this. I sincerely apologize for this situation and want you to know we are doing everything possible to guard against threats like this in the future. We are already implementing a careful review of internal security measures.
Submitted by Executive Vice President of Administration and Finance Bruce Budde