IE11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

College Ransomware Attack Caused Possible Data Breach

The information that could have been accessed may have included first and last names, Social Security numbers and other data elements linked to those connected with Napa Valley College.

About 8,000 people with some association to Napa Valley College (NVC) recently received letters informing them of a possible data breach of personal information that occurred during the ransomware attack that struck NVC in June.

The community college, once aware of the cyber attack that shut down the NVC website and network systems, worked with a third-party forensic firm to investigate, the letter says. On Aug. 18, the college subsequently discovered that “a limited amount of personal information may have been accessed by an unauthorized third party in connection with this incident.”

According to the letter, the information that could have been accessed may have included first and last names, Social Security numbers and other data elements. Only those who may have had their information compromised were sent letters, according to NVC spokesperson Holly Dawson.

“At this time, there is no indication that any information has been misused,” Dawson said in an email. “However, Napa Valley College provided notice to all potentially impacted individuals out of an abundance of caution and so that they could take steps to safeguard their information if they so determined.”

Dawson noted that NVC followed steps outlined by the California Department of Education, and that the department was satisfied with the response. The letter says NVC staff immediately took steps to secure its systems once it learned of the attack and has worked to enhance network security to prevent similar intrusions.

It was not known whether those receiving the letter were primarily students, faculty members or college employees.

The college also arranged for those who received the letter to enroll in an online credit monitoring service for 12 months, as well as protective fraud assistance if any recipients become victims of fraud.

(c)2022 Napa Valley Register. Distributed by Tribune Content Agency, LLC.