Educause Security Discussion mailing list archives
Re: Get Study Room site
From: "Beyette, Jeremy" <jeremy.beyette () ROCHESTER EDU>
Date: Wed, 8 Oct 2014 20:28:32 +0000
We were unaware of this site here at the University of Rochester and based on this thread, started looking into it yesterday. When we went to the site, it asks for an @edu email address and a password, but doesn’t specifically ask for LMS or University credentials. We have signed up with an @edu account and a password specific for this site and are going to see if we get any hits for any of our services from GetStudyRoom. Jeremy Beyette, GSEC University IT Security and Policy University of Rochester http://www.rochester.edu/it/security On Oct 8, 2014, at 4:16 PM, Kevin Halgren <kevin.halgren () WASHBURN EDU<mailto:kevin.halgren () WASHBURN EDU>> wrote: Saw a note elsewhere that sometime between Oct. 2nd and today they may have stopped asking for LMS credentials. I’d consider that unconfirmed at this point and I haven’t checked myself, but they certainly are known for doing this. Kevin From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Alex Waitkus Sent: Tuesday, October 07, 2014 12:19 PM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: Re: [SECURITY] Get Study Room site We sent a cease and desist letter to them as they had a ‘connection’ to our LMS, they then replied on who the correct contact would be to initiate this connection. We are not addressing the collaboration or the unsolicited emails. ———— Alex Waitkus Security Analyst, Lead Information Security Services Georgia State University awaitkus () gsu edu<https://urldefense.proofpoint.com/v1/url?u=http://mailto:awaitkus%40gsu.edu&k=p4Ly7qpEBiYPBVenR9G2iQ%3D%3D%0A&r=67JB9wbdSLkO6aF6LeIYrYZMVtoKrCbSSd1FhgXdfvM%3D%0A&m=D5cPuoZt5KZjcvxhzpiKl%2FkE1GJXwAhxy2dPhO%2B1NQA%3D%0A&s=04eadd3dea8263f0de75bbb208c7c2ae2cd0643312793b94edbdc3f62a5e124a> security () gsu edu<https://urldefense.proofpoint.com/v1/url?u=http://mailto:security%40gsu.edu&k=p4Ly7qpEBiYPBVenR9G2iQ%3D%3D%0A&r=67JB9wbdSLkO6aF6LeIYrYZMVtoKrCbSSd1FhgXdfvM%3D%0A&m=D5cPuoZt5KZjcvxhzpiKl%2FkE1GJXwAhxy2dPhO%2B1NQA%3D%0A&s=d6bc23e26004ea07d31e0a8372f34d9624ac9d379458bd7bd0369a2f21752a3b> Phone 404.413.4377 Security 404.413.4524 http://technology.gsu.edu/technology-services/it-services/security/<https://urldefense.proofpoint.com/v1/url?u=http://technology.gsu.edu/technology-services/it-services/security/&k=p4Ly7qpEBiYPBVenR9G2iQ%3D%3D%0A&r=67JB9wbdSLkO6aF6LeIYrYZMVtoKrCbSSd1FhgXdfvM%3D%0A&m=D5cPuoZt5KZjcvxhzpiKl%2FkE1GJXwAhxy2dPhO%2B1NQA%3D%0A&s=9aa2f2637421d5bd4f177150bd3a56dbc24c98bdb78ecc1df55d9551e6d7c2ac> On Oct 7, 2014, at 1:12 PM, Alex Jalso <ACJalso () MAIL WVU EDU<https://urldefense.proofpoint.com/v1/url?u=http://mailto:ACJalso%40MAIL.WVU.EDU&k=p4Ly7qpEBiYPBVenR9G2iQ%3D%3D%0A&r=67JB9wbdSLkO6aF6LeIYrYZMVtoKrCbSSd1FhgXdfvM%3D%0A&m=D5cPuoZt5KZjcvxhzpiKl%2FkE1GJXwAhxy2dPhO%2B1NQA%3D%0A&s=5bdc451c096d651ef97be8782cbf5f29536afc3e129d1bb6cf5807642d4d6a76>> wrote: Hello Everyone, Has anyone dealt with the site http://getstudyroom.com<https://urldefense.proofpoint.com/v1/url?u=http://getstudyroom.com/&k=p4Ly7qpEBiYPBVenR9G2iQ%3D%3D%0A&r=67JB9wbdSLkO6aF6LeIYrYZMVtoKrCbSSd1FhgXdfvM%3D%0A&m=D5cPuoZt5KZjcvxhzpiKl%2FkE1GJXwAhxy2dPhO%2B1NQA%3D%0A&s=271ecfee71f88a27f9f05c21320ac13aadef3a88cded18feb6b4630e757861de>, also goes by the name StudyRoom. It’s a social networking type of site promoting to students the ability to work together on class assignment. What WVU is experiencing is that when students sign up on this site that there’s an increase in unsolicited e-mail to students from the @getstudyroom.com<https://urldefense.proofpoint.com/v1/url?u=http://getstudyroom.com/&k=p4Ly7qpEBiYPBVenR9G2iQ%3D%3D%0A&r=67JB9wbdSLkO6aF6LeIYrYZMVtoKrCbSSd1FhgXdfvM%3D%0A&m=D5cPuoZt5KZjcvxhzpiKl%2FkE1GJXwAhxy2dPhO%2B1NQA%3D%0A&s=271ecfee71f88a27f9f05c21320ac13aadef3a88cded18feb6b4630e757861de> domain. It’s also thought that StudyRoom uses students’ login credentials to attempt access to other university sites. Thanks. Alex Alex Jalso, PMP, CISM Director Information Security Services West Virginia University p: 304-293-4457
Current thread:
- Get Study Room site Alex Jalso (Oct 07)
- Re: Get Study Room site Alex Waitkus (Oct 07)
- Re: Get Study Room site Kevin Halgren (Oct 08)
- Re: Get Study Room site Beyette, Jeremy (Oct 08)
- Re: Get Study Room site Leland Lyerla (Oct 08)
- Re: Get Study Room site Kevin Halgren (Oct 08)
- Re: Get Study Room site Jones, Mark B (Oct 07)
- Re: Get Study Room site Alex Waitkus (Oct 07)