April 20, 2017

Data Breach Incident

George Fox University notified the campus on April 20 about a likely data breach of its MyGFU system that occurred on January 16, 2017.  An unknown individual gained unauthorized access to a portion of the university’s W-2 tax forms for the 2016 tax year. The file accessed was for printing the 2016 W-2 tax forms for those employees who did not consent to online-only delivery of their W-2.

We have no evidence that any other information was compromised.

E-mails were sent on April 20 to all individuals with George Fox W-2s.  The email will inform you whether you are affected by this incident.  Formal notification letters were mailed on April 21 to all individuals potentially impacted by the incident.   

Identity monitoring services for those affected

To help relieve concerns and restore confidence following this incident, the university has secured the services of Kroll to provide identity monitoring services at no cost to affected individuals for one year. Kroll is a global leader in risk mitigation and response and their team has extensive experience helping people who have sustained an unintentional exposure of their confidential data.

Identity monitoring services include Triple Bureau Credit Monitoring, a Current Credit Report, Web Watcher, Public Persona, Quick Cash Scan, $1 Million Identity Fraud Loss Reimbursement, Fraud Consultation, and Identity Theft Restoration. Description of services provided by Kroll.

Affected employees were mailed a membership number and phone number to enroll. Deadline for enrolling is July 28, 2017.

Frequently Asked Questions

Does this affect me?

If you were affected, you received an e-mail on April 20 notifying you that you were affected by the incident. Printed letters will be mailed to affected individuals on April 21. The affected employees are those who did not consent to online-only delivery of their W-2s. If you received your George Fox W-2 by mail, your W-2 likely was affected by this incident.

What information was involved?

The incident involved all data elements contained on W-2 forms for the 2016 tax year, including name, home address, Social Security number, wages, tax payments, and elected deferrals such as retirement contributions.

What is the university doing to make my data secure?

A permanent resolution to address the incident has been made and we have communicated with our software vendor to ensure that their development team understands the nature of the incident to prevent future occurrences. We also have invested in new monitoring tools to improve proactive identification of future threats.

Did you report this incident to law enforcement?

Yes. Immediately upon learning of the incident, we reported it. We have notified local law enforcement, the Federal Bureau of Investigation, the Oregon Department of Revenue and the Internal Revenue Service (IRS). We have also worked with the IRS to flag affected employees’ taxpayer records in order to minimize the risk of tax fraud.

What address was the enrollment letter sent to?

The notification letter sent to affected employees was sent to the address on file on MyGFU.

Why didn’t you notify me sooner?

George Fox staff identified a likely data breach of its system on April 11, 2017. George Fox conducted a forensic review to confirm that a breach occurred and to identify the individuals affected by the incident. George Fox immediately identified resources to mail all affected individuals, to set up a call center to handle questions about the incident and to provide identity monitoring services to all who were affected by the incident. 

Can I get a copy of the police report? 

We advise you to contact Kroll for consultation services to best advise you how to respond to your identity theft or credit or tax fraud concerns.  Kroll will consult with you and when necessary, advise you regarding any documentation you may require.  Also, if you require a copy of George Fox’s police report about the incident, please contact Rob Felton, George Fox's director of public information.

What you can do.

Please review these additional resources. This document describes additional steps you can take to help protect yourself, including recommendations by the Federal Trade Commission regarding identity theft protection and details on how to place a fraud alert or a security freeze on your credit file.

I want to change my password. What is the best way to do that?

You can login to MyGFU and use the Change GFU Password link located on your homepage. Instructions are located on the Change GFU Password page that will guide you through creating a new password. If you require any assistance with changing your password or if you cannot access MyGFU, please call the Service Desk at 503-554-2569.

How do I know if an e-mail is a scam or phishing e-mail?

Phishing is the act of sending emails to random receivers purporting that the emails are from a credible company that operates online. These types of emails will normally direct you to other websites where you are required to fill in a lot of personal information. Phishing schemes often involve emails that appear to be from legitimate companies asking you to reset your password or give your private information, though when you click the provided link, you are sent to a bogus site designed to steal the information.

The George Fox IT Service Desk will never ask you for your username and password. You should never submit your George Fox credentials to anyone.

More information is available at the IT Network Security site

For more information

If you have been affected by this incident and have additional questions, please call the Kroll call center at 1-855-294-2544, Monday through Friday from 8 a.m. to 5 p.m. Central Time. Please have your membership number available.