York University is recovering from a serious cyber-attack that occurred Friday evening, the university says in a news release Monday. It says that fast action by technical staff halted a much more damaging impact.
On Friday evening, York University fell victim to a serious cyber-attack that corrupted a number of University servers and workstations. Fortunately, the attack was quickly identified by UIT staff, who immediately took the necessary steps to mitigate the scope and potential severity of the attack by shutting down York’s computer systems and engaging external forensic experts to fully investigate this extremely serious situation.
As you can imagine, the investigation is complex, is still ongoing and will likely take some days to complete. However, UIT continues to work 24/7 to bring as many systems back on-line as soon as they have been inspected and cleared.
Please also be advised that most York IT Service Desk ticketing systems (e.g. askIT@yorku.ca, ITHelp@glendon.yorku.ca) have been out of service since the cyber-attack and will NOT be available on Monday morning, nor will UIT and other Faculty IT units’ phone systems. We are working to rectify the situation.
Update on Systems
Over the weekend functionality was restored to the following systems:
• Password change
• Office 365 (including email)
• York website (except for sites on Windows servers)
• The following faculty websites: Schulich, Science, LA&PS, Education, Health, Graduate Studies
• Zoom
• Moodle
• On-campus student access to the internet
We are now focusing on making the following services available as soon as possible – updates to follow:
• VPN for HR and Finance
• Mymail/Central Mail
• All remaining Faculty websites
Unfortunately, the following systems are still not available while the investigation continues:
• CRM Student email
• Most VPN
• HR, Finance SIS systems for general use
• Internal drives (including FAS)
We sincerely regret the inconvenience caused by this cyber attack and would ask for your continued patience and understanding as we work as quickly as possible to return York’s computer systems to full operational status while ensuring their integrity and security. It is already very evident that UIT’s quick response significantly reduced the potential damage this cyber attack would have caused, if not detected and dealt with so quickly.
As we bring York’s computer systems back into service, to ensure maximum security and as an important step in safely restoring systems, the entire York community will need to change their current passwords. We will advise when this needs to take place.
Updates will be provided regarding the recovery of York’s systems on an ongoing basis.
Donald Ipperciel
Chief Information Officer
