Cyber Incident Victim: Wichita State University

In early January 2019, Wichita State University experienced a phishing attack targeting its employees. At least three staff members received fraudulent emails designed to mimic legitimate communications, prompting them to enter their university ID numbers and passwords. The attackers successfully harvested these credentials, gaining unauthorized access to the victims’ accounts. This breach exposed sensitive personal information, including employee bank account details and student records linked to the compromised accounts. The stolen banking information allowed the perpetrators to divert the employees’ paychecks, resulting in missed payments. University officials confirmed the incident stemmed from a phishing scheme, though the exact timeline of the attack and the number of targeted emails remained unspecified. The incident highlighted direct financial harm to affected individuals, as payroll disruptions created immediate economic strain.

The university publicly acknowledged the breach but did not disclose specific remediation steps taken to assist victims or secure compromised systems. No details were provided regarding whether payroll interruptions were resolved, whether stolen data was recovered, or whether additional security measures were implemented post-incident. The confirmed consequences included unauthorized access to institutional and personal data, financial losses for employees, and potential secondary risks from exposed student records. The scope of impacted systems or data types beyond bank accounts and student records was not elaborated upon by officials.