Dear Colleagues, Students and Residents,
On January 5, 2016, the Faculty of Medicine learned about an incident of unauthorized access to the personal information of 721 individuals on the evaluation system administered by the company one45 and used in undergraduate and postgraduate medical education.
The University immediately contacted one45, and the company determined that the issue was caused by a software upgrade they had performed on December 2, 2015. Immediate measures were taken to correct the problem, and we continue to work closely with one45 to ensure no data is accessible to unauthorized parties.
We are communicating directly via McGill email addresses to the individuals whose information was accessed. If you are among those affected, you should have already received a separate communication in your McGill inbox.
While the one45 system contains certain personal and academic data, it does not include birth dates, social insurance numbers, credit card numbers or other financial information that may be used to defraud individuals. We, therefore, believe the risk of fraud or identity theft to be low.
In addition to the immediate actions we took on learning of the incident, the University is in the process of reviewing the breach comprehensively with one45.
Should you have any questions, please do not hesitate to e-mail firstname.lastname@example.org.
Vice-Principal (Health Affairs)
Dean of the Faculty of Medicine
January 14, 2016