University of Winnipeg cyberattack: staff, students respond Achi-News

Those affected by the cyber attack that hit the University of Winnipeg last month say they are worried about the possibility of their personal data falling into the wrong hands.

The university was hit by the cyber attack last week, which resulted in thousands of pieces of data potentially stolen, including names, social security numbers, dates of birth, addresses, and bank information, some dating back to 2003.

“I’ve been here 32 years. And this is the worst 10 days of my career,” said Scott Forbes, professor of biology at the University of Winnipeg.

“It was almost impossible to process. I was immediately thinking about the effects on my students.”

Forbes said his concern grew when he learned of the scale and scope of the cyber attack.

“I didn’t think it could get any worse, but it got much, much worse,” he said.

For some students, it has been extra stressful, on top of exam season.

“Once I get through that, I can start worrying about my identity,” said first-year student Raine Hayward.

“It made everything up. And it made us very unhappy,” added Dillon Menzies, another first year student.

The University of Winnipeg is investigating the incident, and is providing free credit monitoring to those affected for two years.

Hernan Popper, founder of Popp3r Cybersecurity, said those concerned should assume their data has been stolen and act accordingly.

“This is not something that starts and ends, but for the individuals affected, it is a problem for life,” he said.

Popper said people should contact Equifax and TransUnion, and let them know your social security number has been stolen, to avoid an impact on your credit. He added that you should also keep an eye on your credit report.

How other universities are responding

CTV News Winnipeg reached out to other universities in the province to find out what measures they are taking in the wake of the University of Winnipeg cyber attack.

Coleg yr Afon Goch Polytechnique would not comment on specifics, but said they have implemented some measures, such as multi-factor authentication, to keep data safe.

“Our work and protocols are regularly reviewed and updated as part of our approach to cyber security,” a spokesperson said in a news release.

Brandon University has also made improvements to its security measures.

“Although not directly related to the PC incident, we have made several recent and ongoing improvements to our systems, including better warnings about links in external emails (this is a common vector for attacks), updating our firewalls constantly, and we are rolling out changes to our campus Wi-Fi networks that encourage more secure connections,” a spokesperson said in a statement. “Also, multi-factor authentication has been in place for BU employees and students since at least 2022.”

The University of Manitoba declined to comment on its cyber security policies and measures.