Skip to content


A look back at 2019 data privacy hot topics

Each year we celebrate Data Privacy Day on Jan. 28 to recognize how the advancement of technology impacts our privacy rights and to highlight the value of protecting our personal information. As a joint effort between the Freedom of Information and Protection of Privacy and Information Security teams, we promote privacy-related best practices, insights and updates, including this list of notable data privacy topics and news stories from the past year.

Cyber security news roundup: a recruitment crisis, botnets, spies and ransomware

In an increasingly digital world, cyber security issues are an inevitable (and ever-growing) part of the media landscape. As a result, a range of cyber security issues are hot topic in local, national and international news coverage. Here is a brief roundup of some of the most interesting recent news items right now. The return ... Read More

CSAM 2019 recap: activities across the tri-campus community

Online privacy and data protection were front and centre for University of Toronto (U of T) staff, students and faculty during Cyber Security Awareness Month (CSAM) activities, held throughout October. Hosted by the Information Security team, events included pop-up information booths and Coffee with the CISO sessions, held across all three U of T campuses. The overall ... Read More

Updated Cyber Security Awareness Month resources

Security Matters has updated its resource page with this year’s University of Toronto (U of T) Cyber Security Awareness Month (CSAM) educational materials. These materials include:  A guide on what steps to take if you suspect you have received a phishing email.  An overview of U of T’s Information Security (IS) unit priorities for the next year.  ... Read More

CSAM: Cyber security – we’re in this together!

October is just around the corner and while temperatures may be dropping, cyber security education and awareness will be on the rise. The start of a new school year brings with it new cyber risks and threats. The University of Toronto’s (U of T) Information Security team is tackling issues of privacy and data protection ... Read More

New phishing scams are targeting U of T staff and students

September is a busy month for everyone at the University as we gear up for the fall semester. At the University of Toronto (U of T), communication between administrative staff and the student community is at its peak, making it the perfect time for attackers to phish people under the guise of administrative and student ... Read More

Capital One breach: lessons universities can learn

In late July, a data breach at Capital One Financial compromised the personal data of more than 106 million people, including six million Canadians. This breach is just another example of a very long list of multi-national companies who have been targeted by attackers in recent years, including Equifax in 2017, Marriott in 2018, Facebook in 2019 and ... Read More

Have you received a possible phishing email? Updated resources are now available

The University of Toronto’s Information Security and Enterprise Architecture (ISEA) team is dedicated to keeping information secure for staff, students and faculty alike. The Security Matters website now features an updated Report an Incident section for members of the University community who suspect they have received a phishing email.  The update provides practical steps to take if you are the recipient of ... Read More

Special Advisory on phishing messages

Recently, the University of Toronto (U of T) has seen an increase in targeted phishing attempts and attacks. These phishing attempts and attacks are becoming more sophisticated and polished. Some of these emails are crafted to look like urgent appeals for action from the signature of U of T leadership, including from high-level University executives, leaders ... Read More

Student malware incident: next steps and action required

On Saturday Feb. 23, many students received a malicious email regarding a ‘refund payment’. The email contains an attachment which, if opened, causes a prompt for credentials and installs software. Please read further if you recognize this incident: If you have received the email and not opened the attachment, delete the email. If you have ... Read More