Hackers obtained credentials with the aid of phishing emails

Oct 21, 2013 14:48 GMT  ·  By

The Michigan State University (MSU) shut down its EBS HR/Payroll (SAP) systems over the weekend after two employees reported receiving emails about changes being made to their accounts.

The MSU Police Department has launched an investigation into the incident. It’s believed that hackers sent out phishing emails in an effort to obtain employee credentials.

They used the harvested usernames and passwords to access the SAP system and modify the banking information of the two staffers.

So far, there’s no evidence that other employee data has been compromised, or that MSU systems have been breached.

Employees who spot unusual activities on their accounts are advised to call the MSU Police Department at 517-355-2222.

The alert posted by MSU police contains instructions on how to avoid falling victim to such attacks. Check it out!