During the past several days, faculty have identified to the local that they are quite concerned regarding the safety of their personal and banking information on the college’s Workday system.
I asked the college president on February 6, if she could confirm that Social Insurance Numbers and banking information had not been compromised, given the Workday fiasco.
On the same day, she responded “Yes I can confirm that”; however, the local has since learned that at least a week earlier to this confirmation by the college president that a college employee was informed that his Workday account had been compromised during the phishing attack. The college offered “Identity Theft Protection Services” from ID Alerts for the next 2-years and advised the employee to change his bank password.
One has to wonder why the college was not aware of such phishing attack problems and Workday issues well before implementing Workday on January 7, 2019 given that this information has been widely published on the web since at least May 2017 as per the following article
Additionally, Workday security issues have also be widely published as per this article.
https://krebsonsecurity.com/tag/workday-com/
If you suspect that your personal or banking information has been compromised, I recommend that you ask the college for “Identity Theft Protection Services” from ID Alerts for the next 2-years.
Although there is no guarantee that all faculty will receive this email because of the state of the college’s email system, I would encourage you to pass this information along to coworkers so that they take action necessary to safeguard their personal and banking information.
Pat Kennedy, President
OPSEU Local 415