April 29, 2021
Dear Millersville University Community,

In a previous communication, I mentioned that we have contracted with a security firm, IDX, to provide one year of identity protection to faculty, staff and students who were enrolled or employed by the University during the 2020-21 academic/fiscal year. The letters have been mailed and should be received shortly.

While we currently do not know the full extent of the data that have been impacted, we know and have shared previously that personal information from a handful of individuals has been disclosed. These individuals have been notified directly. Such personal information is likely to have been disclosed via a shared drive, the “M Drive”, which contained similar personal information for students and employees as well as other sensitive University information. We also know and have shared previously, that additional data have been disclosed. It is not unreasonable to conclude that these data came from the M Drive and may contain personal information and other sensitive data.

Based on this knowledge, I encourage you to look for the letter sent by IDX identity protection services and to enroll in the service as soon as possible. IDX’s services include 12 months of credit and CyberScan monitoring, a $1,000,000 insurance reimbursement policy, and fully managed identity theft recovery services. As a reminder, similar services are available to Highmark members and information on identity theft is available through the Federal Trade Commission.

I understand and share the frustration caused by this attack. We continue to hold cybersecurity as an institutional priority and will work diligently in the weeks and months ahead to mitigate the likelihood of future attacks.

Kind Regards,

Daniel A. Wubah

University President

 

 

 

Leave a comment