|
Wednesday, April 5, 2017
Dear Team DPS,
Your email accounts continue to be the target of a series of SPAM/Virus (phishing) emails in which the sender uses a fraudulent pretext to seek personal information, such as your DPS username and password. The Department of Technology Services (DoTS) is working diligently to mitigate and block these emails, but it is very difficult to block all such emails without filtering out many legitimate emails.
On Monday, April 3, we received an initial notification from an employee who reported their monthly paycheck was not deposited to their bank account. We launched an internal review immediately. At this time, we have reason to believe that a small number of employees' personal information was compromised via an email containing a link that asked the employees to provide their DPS usernames and passwords.
The Colorado Bureau of Investigation, DPS Safety and DoTS are conducting an investigation. At this point, our internal investigation indicates approximately 34 email accounts received this phishing email. As a result, these employees' confidential information may have been compromised. These employee accounts have been disabled, and DoTS is working with the individual employees to rebuild their accounts.
Please take this opportunity to double-check your information in Infor HR and confirm that your payroll information is accurate. In addition, you may want to take this opportunity to change your password as a precautionary measure and make a habit of changing your password on a regular basis; we recommend changing your password every 30 days. Best security practices for creating passwords include one uppercase character, one number and a minimum of eight characters.
As we continue to strengthen our email filters, please be extra cautious about opening emails that you receive from unfamiliar sources. The following are best practices:
- Do not download unknown software from the internet, click on attachments or respond to emails from unknown sources.
- DPS Board Policy EGAEA requires users to keep district passwords secure and to not share them.
- No DPS department will ever ask you to share your confidential employee information, including your DPS username and password, via email.
Please contact the DoTS Hotline at 720-423-3888 or email DoTS_Hotline@dpsk12.org if you have any related questions or concerns.
Sincerely,
Sharyn Guhman
Chief Information Officer
|
