Educause Security Discussion mailing list archives
Re: Security Breach Notification MIA...
From: Ken Connelly <Ken.Connelly () UNI EDU>
Date: Wed, 20 Feb 2013 09:26:08 -0600
OK. I also think I heard a report or two of the notification ending up in a spam folder. - ken Tonkin, Derek K wrote:
I use the InCommon system and I received an e-mail notification. Derek -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Ken Connelly Sent: Wednesday, February 20, 2013 9:17 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Security Breach Notification MIA... Those who use a federated login instead of local authentication were not affected and perhaps not even notified? - ken Allen, Jon D. wrote:We did some analysis and there is a delta of about thirty users for us between those who received the email and those who are listed under our Educause account as users. I am not sure if there is a concept of an expired account that could be accounting for the delta. Thanks, _________________________________ Jon Allen, CISSP, EnCE Information Security Officer Baylor University 254.710.4793 www.baylor.edu/bearaware -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Ken Connelly Sent: Wednesday, February 20, 2013 8:44 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Security Breach Notification MIA... The archive on the EDUCAUSE site is updated in pretty much real time, so that's a place where you could follow the discussion prior to getting a digest. If you look there, you'll see that the majority of the concern was the phishy-looking links in the message(s). That was caused by (1) EDUCAUSE's normal use of a third-party mass-mailer (Informz) and (2) the click-tracking URLs that were in the message. Those concerns were compounded because the normally sluggish (at best) EDUCAUSE website was moving at glacial speeds due to the load. I noticed the delta between the breech discovery and the announcement, but that wasn't a topic of concern as I recall, perhaps partially due to the two much more important concerns mentioned above. - ken Boyd, Daniel wrote:Has anyone else NOT received their email notification from EduCause about the security breach? The only reason I found out about it yesterday is because my CIO was watching the chatter on the CIO list about the notification. I get my security list discussions in digest form, so I had not seen the discussion here. Anyone else peeved that they waited 14 days to (supposedly) notify everyone? I’m not trying to stir up a flaming discussion (although I probably have succeeded), I really am just curious as to the mood here. Dan Daniel H. Boyd (94C) Senior Network Architect Network Operations Berry College Phone: 706-236-1750 Fax: 706-238-5824 There are two rules to follow with your account passwords: 1. NEVER SEND YOUR PASSWORD VIA EMAIL (TO ANYONE)!!!!! 2. If unsure, consult rule #1-- - Ken ================================================================= Ken Connelly Associate Director, Security and Systems ITS Network Services University of Northern Iowa email: Ken.Connelly () uni edu p: (319) 273-5850 f: (319) 273-7373 Any request to divulge your UNI password via e-mail is fraudulent!-- - Ken ================================================================= Ken Connelly Associate Director, Security and Systems ITS Network Services University of Northern Iowa email: Ken.Connelly () uni edu p: (319) 273-5850 f: (319) 273-7373 Any request to divulge your UNI password via e-mail is fraudulent!
-- - Ken ================================================================= Ken Connelly Associate Director, Security and Systems ITS Network Services University of Northern Iowa email: Ken.Connelly () uni edu p: (319) 273-5850 f: (319) 273-7373 Any request to divulge your UNI password via e-mail is fraudulent!
Current thread:
- Security Breach Notification MIA... Boyd, Daniel (Feb 20)
- Re: Security Breach Notification MIA... Ken Connelly (Feb 20)
- Re: Security Breach Notification MIA... Allen, Jon D. (Feb 20)
- Re: Security Breach Notification MIA... Ken Connelly (Feb 20)
- Re: Security Breach Notification MIA... Tonkin, Derek K (Feb 20)
- Re: Security Breach Notification MIA... Ken Connelly (Feb 20)
- Re: Security Breach Notification MIA... Dexter Caldwell (Feb 20)
- Re: Security Breach Notification MIA... Hauber, Wayne [ITSEC] (Feb 20)
- Re: Security Breach Notification MIA... Allen, Jon D. (Feb 20)
- Re: Security Breach Notification MIA... Manjak, Martin (Feb 20)
- Re: Security Breach Notification MIA... Bateman, Darrell (Feb 20)
- Re: Security Breach Notification MIA... Ken Connelly (Feb 20)