UNC Charlotte employees bank accounts hacked

This browser does not support the video element.

CHARLOTTE, N.C. — UNC Charlotte employees’ bank accounts were targeted by a hacker.

The school was alerted to the breach when it found a problem with an employee’s direct deposit information.

Channel 9 reporter Ken Lemon talked to some university employees who didn’t want to go on camera.

Their information wasn't compromised, but they said they regularly get an email that is suspicious and that has them concerned.

There are about 4,500 university employees. Fewer than 50 became victims of the phishing scam that gave hackers access to their direct deposit information.

None of them were students, but it's the same information that Michelle Delucia has to provide for work study.

"It gets me really upset because we do work for that financial aid,” Delucia said.

University officials discovered the breach Thursday and contacted all of the employees who had their accounts breached to make sure they received the money they earned.

They asked all employees who recently made changes in their direct deposit information to verify their accounts.

Spy Tech owner Skip Graham said direct deposit is a rich target. Graham is licensed by the state in counterintelligence.

"So when you get direct deposit you get routing information, bank account numbers and it's a door wide open to be hacked,” he said.

Graham said businesses and banks almost exclusively use electronic means to transfer money.

Hackers are working hard to tap into those operations.

The North Carolina Department of Justice said it is a huge problem.

They have seen 186 similar breaches this year affecting 17,578 people.

Graham said some emails only require a breach by one person to access everyone's information.

"If you download something anonymously, that's like giving someone the keys to the castle,” Graham said.

He said if a hacker is good enough to get into a system, they are usually very good enough to cover their tracks.

The FBI has been asked to investigate this breach and will not give details regarding the sophisticated email that fooled those employees.

Graham said it takes an agency with that kind of resources to find a hacker in a case like this.

This is the second breach in a matter of months to happen to a university in North Carolina.

N.C. State said someone illegally accessed an email containing people's personal information, but officials said they have no evidence any personal data was misused or that someone committed fraud with the information.

All employees and students using direct deposit should review their information through my.uncc.edu.

For employees, click the “Direct Deposit” link found under the Banner Self Service section. Employees who notice any unauthorized activity should:

  • Contact their financial institution immediately to safeguard bank accounts.
  • Change their NinerNET password through pwmanager.uncc.edu.
  • Contact the IT Service Desk at 704-687-5500. Modified hours of operation are 7:30 a.m. to 5:30 p.m., Friday; 7:30 a.m. to 5 p.m., Saturday; noon to 5 p.m., Sunday.

For students, click on the “My Student Account” in the Financial Resources section. Then, select View Direct Deposit Information. If your direct deposit information is incorrect:

  • Contact your financial institution immediately to safeguard bank accounts.
  • Change their NinerNET password through pwmanager.uncc.edu.
  • Contact the IT Service Desk at 704-687-5500. Modified hours of operation are 7:30 a.m. to 5:30 p.m., Friday; 7:30 a.m. to 5 p.m., Saturday; noon to 5 p.m., Sunday.

Read more top trending stories on wsoctv.com: