Account Lockout Communications Policy

["Chrisinger, Cory A" <CChrisinger () MADISONCOLLEGE EDU>]

Hello,

I’m looking for how different organizations handle account compromise notifications to individuals.  Due to the Chegg 
breach we reset 319 accounts towards the end of the day.  We do not necessarily have out of band communication methods 
for affected parties.  I’m hesitant to send a notification to an affected email due to tipping off the attackers. The 
attackers seem to be able to execute additional payload very quickly when they assume the account will be deactivated.  
We do notify our customer services areas, but overnight a student may not have access until business hours resume. 
Thoughts, strategies, ideas are appreciated.


Thank You,

Cory Chrisinger
CISO, CISSP ID#581915
Phone: (608) 243-4575
Email: cchrisinger () madisoncollege edu<mailto:cchrisinger () madisoncollege edu>

Want to discuss a technology project? Please contact me, or complete the Technology Services Project 
Request<https://madisoncollege365.sharepoint.com/sites/pwaprod/Lists/PMO%20Intake%20Form/NewForm.aspx?Source=/sites/pwaprod/Pages/Thank%20you%20for%20your%20request.aspx>
 form, and we’ll talk!



**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community