Johns Hopkins University and Health System faced a cybersecurity attack last month.
The Johns Hopkins community were notified Wednesday that their personal information may be at risk. Those at risk will be contacted personally if affected.
A letter from the school urged community members to monitor bank accounts, consider fraud alerts or credit freezes with major credit bureaus, be wary of phishing attempts, and sign up for credit monitoring. Two years of free credit monitoring services will be offered to those affected, the letter said.
The attackers targeted a “previously unknown vulnerability in the widely used software MOVEit,” the letter said. The school’s network was affected alongside other large organizations, according to the letter.
“Johns Hopkins takes the privacy and security of our community members extremely seriously,” the letter said. “Our cybersecurity team is working closely with data security experts and law enforcement to determine what information was involved. This investigation is ongoing, but our initial evaluation shows the attack may have impacted the information of Johns Hopkins employees, students, and/or patients.”