UNMC employees are being advised to change their Firefly and network passwords and check their bank account information following an apparently successful phishing attempt that was reported to the UNMC payroll department on Friday morning.
An employee of UNMC notified payroll officials that they believed a Wage Works reimbursement had been deposited to an unauthorized account.
If you found a bank error
Employees who verified their bank accounts and found an error, such as an unfamiliar account number, should check their credit reports for new accounts. Employees with children or beneficiaries on their SAP human resources record should check their credit reports also.
If you have found a bank error, please also notify Sharon Welna at 402-559-2545.
With access to employee self-service, the hacker/phisher would have plenty of information (social security number, date of birth, address, bank, etc.) to apply for credit cards and loans. They have W2 information and could have even printed that to include in a paper application.
A Wage Works review indicated that a change had been made to the employee’s bank account information very close to the time the reimbursement was to be funded. However, the employee had not made a change to his bank accounts.
Upon discovering this information, the Information Security Incident Response Team was assembled to explore the incident in depth and analyze the risk to employees was made. A small number of employees were discovered to have been impacted, apparently by a phishing attempt that occurred around Aug. 27. If someone clicked on the link within this email and supplied their User ID and password by typing them into a form, the criminals were then able to use this information to access Firefly and make the bank account change.
At this time, UNMC is unaware of any funds being deposited to an unauthorized account. The investigation is continuing, and UNMC is working with law enforcement on this investigation.
All employees were notified and given instructions on how to verify their bank account information and reset their passwords in an email alert issued at 4:20 p.m. Friday afternoon. This information is being reprinted in UNMC Today this morning.
For questions, please contact Sharon Welna, 402-559-2545.