Educause Security Discussion mailing list archives
Re: Security Breach Notification MIA...
From: "Bateman, Darrell" <darrell.bateman () TTU EDU>
Date: Wed, 20 Feb 2013 20:51:04 +0000
Everyone that had an account with EDUCAUSE at the time of the breach, including those that use the InCommon federated login, should consider their EDUCAUSE stored password as compromised. This could have ramifications for you if you use that same password for other sites or if that password is based on some recognizable pattern you use elsewhere. To fully protect yourself, you may need to change all your other passwords that might be guessed as a result of the EDUCAUSE compromised password.

--------------------------------------
Darrell Bateman
Assistant Vice President for IT and ISO
Office of the Chief Information Officer
Information Technology Division
Texas Tech University

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Manjak, Martin
Sent: Wednesday, February 20, 2013 9:43 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Security Breach Notification MIA...

We use InCommon and we received the notification (which also wound up in several recipients' junk folders). When given the option on the EDUCAUSE password reset page to log in via the federated method, I was able to successfully authenticate without having to change my pw. I'm assuming that anyone who had a local EDUCAUSE pw had it reset, regardless of whether they could or did use InCommon.

We're contemplating how we might communicate to local EDUCAUSE members that they do not need to reset their local profile pws and should instead use the federated option, if they have never done so before.

Marty Manjak
ISO
University at Albany

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Ken Connelly
Sent: Wednesday, February 20, 2013 10:17 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Security Breach Notification MIA...
Those who use a federated login instead of local authentication were not affected and perhaps not even notified?

- ken

Allen, Jon D. wrote:
We did some analysis and there is a delta of about thirty users for us between those who received the email and those who are listed under our Educause account as users. I am not sure if there is a concept of an expired account that could be accounting for the delta.

Thanks,
_________________________________
Jon Allen, CISSP, EnCE
Information Security Officer
Baylor University
254.710.4793
www.baylor.edu/bearaware

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Ken Connelly
Sent: Wednesday, February 20, 2013 8:44 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Security Breach Notification MIA...

The archive on the EDUCAUSE site is updated in pretty much real time, so that's a place where you could follow the discussion prior to getting a digest. If you look there, you'll see that the majority of the concern was the phishy-looking links in the message(s). That was caused by (1) EDUCAUSE's normal use of a third-party mass-mailer (Informz) and (2) the click-tracking URLs that were in the message. Those concerns were compounded because the normally sluggish (at best) EDUCAUSE website was moving at glacial speeds due to the load.

I noticed the delta between the breach discovery and the announcement, but that wasn't a topic of concern as I recall, perhaps partially due to the two much more important concerns mentioned above.

- ken

Boyd, Daniel wrote:

Has anyone else NOT received their email notification from EduCause about the security breach? The only reason I found out about it yesterday is because my CIO was watching the chatter on the CIO list about the notification. I get my security list discussions in digest form, so I had not seen the discussion here.

Anyone else peeved that they waited 14 days to (supposedly) notify everyone? I’m not trying to stir up a flaming discussion (although I probably have succeeded), I really am just curious as to the mood here.
Dan

Daniel H. Boyd (94C)
Senior Network Architect
Network Operations
Berry College
Phone: 706-236-1750
Fax: 706-238-5824

There are two rules to follow with your account passwords:
1. NEVER SEND YOUR PASSWORD VIA EMAIL (TO ANYONE)!!!!!
2. If unsure, consult rule #1

--
- Ken
=================================================================
Ken Connelly
Associate Director, Security and Systems
ITS Network Services
University of Northern Iowa
email: Ken.Connelly () uni edu
p: (319) 273-5850
f: (319) 273-7373

Any request to divulge your UNI password via e-mail is fraudulent!
Current thread:
- Security Breach Notification MIA... Boyd, Daniel (Feb 20)
- Re: Security Breach Notification MIA... Ken Connelly (Feb 20)
- Re: Security Breach Notification MIA... Allen, Jon D. (Feb 20)
- Re: Security Breach Notification MIA... Ken Connelly (Feb 20)
- Re: Security Breach Notification MIA... Tonkin, Derek K (Feb 20)
- Re: Security Breach Notification MIA... Ken Connelly (Feb 20)
- Re: Security Breach Notification MIA... Dexter Caldwell (Feb 20)
- Re: Security Breach Notification MIA... Hauber, Wayne [ITSEC] (Feb 20)
- Re: Security Breach Notification MIA... Allen, Jon D. (Feb 20)
- Re: Security Breach Notification MIA... Manjak, Martin (Feb 20)
- Re: Security Breach Notification MIA... Bateman, Darrell (Feb 20)
- Re: Security Breach Notification MIA... Ken Connelly (Feb 20)