The Retirement Program Services division of the University of California Office of the President issued the following statement today:
We want to inform UC Retirement Savings Plans recipients of recent reports of fraudulent activity involving UC Retirement Savings Program accounts maintained by Fidelity.
Fidelity’s cybersecurity team has identified the issue, closed the vulnerability, and taken immediate steps to protect all potentially affected accounts. Outreach to the 120 affected participants has begun.
Please be assured that, under Fidelity’s Customer Protection Guarantee, Fidelity will reimburse any losses from unauthorized account activity, provided the activity was not due to your own actions. You can review the full guarantee on Fidelity's website.
How to safeguard your Fidelity accounts
It's always a good idea to stay vigilant about cyber risks and take steps to secure your accounts. Here are some recommended actions to help you monitor and protect your Fidelity accounts:
- Check your accounts regularly.
- Review both your UC workplace account (at www.netbenefits.com) and any personal Fidelity retail accounts (at www.fidelity.com). Pay close attention to your profile information, especially mobile numbers and emails associated with multi-factor authentication (MFA) and account alerts. Fidelity will notify you of any profile changes.
- Report any issues to Fidelity.
- If you notice any unusual activity or unauthorized changes, contact Fidelity immediately at 866-682-7787. As noted above, Fidelity will reimburse any losses from unauthorized account activity, provided the activity was not due to your own actions.
- Enhance your account security with an authenticator app.
For added protection, consider using a third-party authenticator app. This provides an extra layer of security beyond your username and password. Here’s how to set it up:
- Download an authenticator app (such as Duo or Google Authenticator) from your mobile device's app store.
- Log in to your account at www.NetBenefits.com or https://www.fidelity.com/, then go to Profile & Settings (person icon) and select Security Center.
- In the Multi-Factor Authentication at Login section, select Authenticator App.
- Open the authenticator app and either scan the QR code or manually enter the secret key displayed.
- Enter the 6-digit code from the app on the Fidelity website and select Continue to complete your enrollment.
- When the pop-up confirms your enrollment, select Done.