Educause Security Discussion mailing list archives
Re: EDUCAUSE Statement on Server Breach
From: "Maloney, Michael" <mmaloney () MIDDLESEXCC EDU>
Date: Tue, 19 Feb 2013 19:39:54 +0000
I called Educause to confirm it with them, the URL they want you to go to looks way too fishy to be legitimate.. From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Bob Bayn Sent: Tuesday, February 19, 2013 2:35 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: {SPAM?} Re: [SECURITY] EDUCAUSE Statement on Server Breach Importance: Low We, too, were scurrying around and called the Denver office for reassurance before that message arrived from Valerie. Bob Bayn SER 301 (435)797-2396 IT Security Team Office of Information Technology, Utah State University three common hazardous email scams to watch out for: 1) unfamiliar transaction report from familiar business 2) attachment with no explanation in message body 3) "phishing" for your email password ________________________________ From: The EDUCAUSE Security Constituent Group Listserv [SECURITY () LISTSERV EDUCAUSE EDU] on behalf of Malyn, Justin D. [MalynJ () UMKC EDU] Sent: Tuesday, February 19, 2013 12:31 PM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: Re: [SECURITY] EDUCAUSE Statement on Server Breach Just FYI, the emails directly to profile holders has a password reset link that uses the domain educause.informz.net , which this would be one case where using link-usage-tracking in email might be bad when notifying for a breach. (Maybe instead just tell people to visit the educause site, and take these page steps to reset your password, so that no click link is involved?) Without having seen the below note first (I got the profile warning first), it looked like an elaborate phishing email since the click links didn't match. -Justin Justin D. Malyn Information Security Officer GCED, GCWN, GCIH, GCFA, and GSLC Certified by GIAC.org Information Services University of Missouri - Kansas City From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Valerie Vogel Sent: Tuesday, February 19, 2013 1:16 PM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: [SECURITY] EDUCAUSE Statement on Server Breach Please review the statement below; contact information for inquiries is provided at the conclusion. February 19, 2013 - Garth Jordan, Vice President, Operations, of EDUCAUSE, issued the following statement with regard to a recent breach of EDUCAUSE servers by an unauthorized third party. "On February 5th, EDUCAUSE discovered that the server that maintains the .edu domain information and our member profile information was breached. The breach may have compromised .edu domain passwords and information contained in individual EDUCAUSE website profiles, including names, titles, e-mail addresses, usernames, and passwords. Based on our investigation to date, we do not believe the breach included access to credit card data, financial accounts, or other sensitive information. "EDUCAUSE took immediate steps to contain this breach and we are working with Federal law enforcement, investigators, and security experts to make sure this incident is properly addressed. Additional security measures have been implemented to help prevent any future occurrences. "As a precaution, we are proceeding as though all individual EDUCAUSE website profiles and all .edu domain holders might have been impacted. We have notified via email all .edu domain holders and all individuals with website profiles about the breach and requested that they change their passwords. All that is required from those impacted by this breach is a password re-set. "The threat of a breach is a constant business concern; no organization is immune from these illegal and harmful activities. Therefore, our priority remains ensuring the security and privacy of our members, domain holders, and everyone who relies on our services." * For help with EDUCAUSE website profile password changes, please contact EDUCAUSE Member Services at info () educause edu<mailto:info () educause edu> or +1-303-449-4430. * For help with .edu domain password changes, please contact EDUCAUSE Member Services at edu () educause edu<mailto:edu () educause edu> or +1-303-449-4805. * For media inquiries, please contact Pete Boyle, Senior Vice President for Lipman Hearne, at pboyle () lipmanhearne com<mailto:pboyle () lipmanhearne com> or +1-202-536-8088. Thank you, Valerie Valerie Vogel Program Manager EDUCAUSE<http://www.educause.edu/> Uncommon Thinking for the Common Good direct: 202.331.5374 | main: 202.872.4200 | twitter: @HEISCouncil | educause.edu<http://www.educause.edu/>
Current thread:
- EDUCAUSE Statement on Server Breach Valerie Vogel (Feb 19)
- Re: EDUCAUSE Statement on Server Breach Malyn, Justin D. (Feb 19)
- Re: EDUCAUSE Statement on Server Breach Bob Bayn (Feb 19)
- Re: EDUCAUSE Statement on Server Breach Maloney, Michael (Feb 19)
- Re: EDUCAUSE Statement on Server Breach Valdis Kletnieks (Feb 19)
- Re: EDUCAUSE Statement on Server Breach Lorenz, Eva (Feb 20)
- Re: EDUCAUSE Statement on Server Breach Mark Boolootian (Feb 20)
- Re: EDUCAUSE Statement on Server Breach Bob Bayn (Feb 19)
- Re: EDUCAUSE Statement on Server Breach Kevin Halgren (Feb 19)
- Re: EDUCAUSE Statement on Server Breach Valerie Vogel (Feb 19)
- Re: EDUCAUSE Statement on Server Breach Kevin Halgren (Feb 19)
- Re: EDUCAUSE Statement on Server Breach Michael Sinatra (Feb 19)
- Re: EDUCAUSE Statement on Server Breach Mike Porter (Feb 20)
- Message not available
- Re: EDUCAUSE Statement on Server Breach Benjamin Parker (Feb 19)
- Re: EDUCAUSE Statement on Server Breach Malyn, Justin D. (Feb 19)
- Re: EDUCAUSE Statement on Server Breach Scherck, Daniel (Feb 19)