...
- Office365 (including Email, Sharepoint, OneDrive, etc.) - We can determine whether a malicious user logged in to Office 365, but may not be able to verify what they viewed or edited. Typically, hackers use use compromised SPU email accounts to send phishing messages targeted at other SPU users. As part of this, mailbox rules might be created to hide the suspicious activity from the unsuspecting employee. We rely on O365 email alerts to advise us when compromised accounts are being used for phishing.
- Other Data systems (including Banner, Raiser's Edge, Canvas, etc.) - We can determine whether a malicious user logged in to our Single Sign-On portal, but may not be able to determine quickly all applications that were accessed. Specifically with Banner, we can identify what pages were loaded (in both Self-Service and Banner Admin). Typical targets here include pay stub and direct deposit information. If there are specific data systems you are concerned about, we can attempt to identify or verify what access may have occurred.
...
Unless the compromised account occurs due to an institutional data breach where SPU is at fault, the University will not provide credit monitoring or other follow-up investigation. As noted in the Computer Acceptable Use Policy policy, "Users must take appropriate and reasonable measures to protect the integrity, exclusiveness, and confidentiality of individual resources and account credentials."
...