In December 2018 ICTS Services discovered that an unauthorised individual had gained access to an UvA server. There is no indication that personal data were leaked, but to be certain the applications on the server have been taken offline.
The server in question is from 2013 and contains several applications. A hacker used a vulnerability in the system to gain access.
An investigation carried out by an external agency has found no evidence that the server was used for any purpose other than search engine optimisation. Should there be any reason in future to suspect that personal data may indeed have been leaked, we will inform all those affected immediately.
The applications on the server were taken offline in December 2018 while the investigation was taking place. The external agency has taken a number of additional security measures in order to prevent a similar incident from happening in future. All recommendations were immediately adopted and are currently being implemented.
As usual, we will keep you updated on further developments via this page. You can also contact the ICTS Service Desk by sending a mail to firstname.lastname@example.org or by calling 020 525 1402.