Vanderbilt University Information Technology has found that the racist, white supremacist emails received by members of the Vanderbilt community this week were sent from external systems using sophisticated masking techniques.
The messages were sent late Monday night and early Tuesday morning to thousands of Vanderbilt email addresses and thousands of other email domains, such as Gmail, Yahoo and other independent institutions. Vanderbilt recipients included students, faculty and staff, generic office email boxes and a variety of list servs. An analysis of the recipients shows that distribution was broad and diffuse—there does not appear to be any pattern in terms of who received the emails or who received them first. Approximately half of the emails were sent to addresses with no affiliation with Vanderbilt.
The tactics used in the attack were technologically advanced. The messages appear to be connected to 57 different IP addresses in 17 countries and used anonymizer software common to these types of sophisticated email attacks to conceal the perpetrator’s identity. This software allowed them to use these 57 different systems to target the Vanderbilt list serv tool and propagate the message.
“We stand with the African American and black members of the Vanderbilt community who were especially impacted by these hateful messages,” Chancellor Nicholas S. Zeppos said. “This abhorrent attack on our campus was designed to stoke fear and division. We condemn these messages and the hate and bigotry they espouse in the strongest possible terms. We are deeply sorry that our community was victim to such an attack and know it has caused tremendous pain and anguish.
“Diversity, equity and inclusion are bedrock values of our community. We are committed to protecting our community from such attacks and to supporting the communities directly affected,” Zeppos said.
University leaders are continuing to meet with student groups, faculty and staff to share information, hear concerns and address questions.
Vanderbilt University Information Technology identified how the attack entered the Vanderbilt network and quickly blocked it early Tuesday morning. VUIT is continuing to work to protect against any ongoing threats from this and similar attacks.
VUIT continues to study and block variants of the attack and is working with the Vanderbilt University Police Department and Metropolitan Nashville Police Department to track the issue.
While the offensive emails do not download a virus, VUIT recommends that recipients do not click on any links contained in the message or respond to it.
Bias-related incidents can be reported directly to the Title IX and Student Discrimination Office at titleixandstudentdiscrimination@vanderbilt.edu or by calling 615-343-9004. Incidents can be reported anonymously using this form.
Faculty and staff who want to report allegations of discrimination or bias should contact Equal Employment Opportunity.
A number of university resources are available to any Vanderbilt community member seeking assistance. They include:
- Office for Equity, Diversity and Inclusion, 615-343-2644
- Inclusive Excellence, Office of the Provost, 615-343-3697
- Dean of Students, 615-322-6400
- Bishop Joseph Johnson Black Cultural Center, 615-322-2524
- Student Care Network
- University Counseling Center, 615-322-2571
- Center for Student Wellbeing, 615-322-0480
- Work/Life Connections–EAP, 615-936-1327
- Office of University Chaplain and Religious Life, 615-322-2457
- Vanderbilt University Public Safety, 615-322-2745