ORONO, Maine — The University of Maine says 86 of its employees and students were tricked into providing passwords to online scammers.

“The victims were enticed to provide their personal password to access a fraudulent online document,” University of Maine System spokesman Dan Demeritt announced Friday.

The scammers then used that information to access “university self-service personnel accounts,” which may have given them access to each person’s personal financial information, including bank account information and Social Security numbers.

Demeritt said no university data systems were targeted or breached and that the attack is believed to have been limited to 86 people. The system hasn’t yet found victims at any of the state’s other universities, but its IT staff and those at other universities continue to investigate.

“Every member of the university community should be extremely cautious when it comes to sharing personal identifying information or credentials,” John Forker, chief information security officer for the system, advised Friday. “But personal vigilance and involvement is key to protecting our online information and identities from attack.”

UMaine is working to contact everyone who could be a victim and offering them free identity theft monitoring services. The university also notified the Maine attorney general’s office, according to Demeritt.

The phishing scheme appears to have put far fewer students at risk than the data breach at the university four years ago. In 2012, a security breach of a server shared by on-campus computer stores at UMaine and the University of Arkansas compromised the information of more than 2,800 people and exposed 435 credit card numbers and 1,175 Social Security numbers.

In 2010, cyber attackers hacked into servers used by the university’s counseling services, compromising the Social Security numbers of nearly 4,600 students who had visited the center over the previous eight years.

More information about the phishing scam is available at www.umaine.edu/informationcenter, as are details about how to avoid identity theft or respond if you become a victim.

Follow Nick McCrea on Twitter at @nmccrea213.