Message to Stanford community on cybersecurity incident

Dear Colleagues,

We are writing to inform you of a cybersecurity incident. Stanford University School of Medicine has learned of a data breach that is part of a cyber incident involving a third-party file-sharing service, called File Transfer Appliance (FTA), provided by Accellion Inc. The breach was part of a larger national cyberattack on universities, companies and organizations that use the Accellion FTA. We will provide regular updates to our community via a dedicated webpage.

https://med.stanford.edu/connected/announcements/cybersecurity-incident-2021.html

With the help of a leading cyber-forensics firm, we are analyzing the stolen data and will notify affected individuals as appropriate. Law enforcement has been notified.

We take data protection very seriously. As best practice, all individuals should continue to remain vigilant and promptly report any suspicious activity or suspected identity theft to our Privacy Offices. Email addresses are provided on our webpage. Please also note that Stanford University, Stanford Health Care and Stanford Children’s Health all offer identity theft protection services to all employees. Stanford will also provide these services as appropriate to other affected individuals.

Thank you for your attention to this matter. We are working to resolve the situation as expeditiously as possible. We deeply value the contributions you make to the Stanford community, and we are committed to keeping you informed. Our investigation is ongoing, and we will post updates to our webpage as appropriate.

Sincerely,

Randy Livingston
VP Business Affairs, Chief Financial Officer & University Liaison for Stanford Medicine

Lloyd Minor, MD
Dean, Stanford School of Medicine