This is NOT a notification of data loss by the University.
Reports earlier this week revealed what’s being referred to “Collection #1,” an 87GB pile of data that included more than 773 million unique email accounts and more than 21 million different passwords. The breach was first reported by Troy Hunt, the security researcher who runs the site Have I Been Pwned, where you can check if your email or password have been compromised in a data breach.
Large breaches like these are often used for “data-stuffing attacks,” in which hackers use bots to automatically test millions of emails and password combinations across many website login pages until they gain access. This means if you use the same password across different websites, you could be at risk of being compromised, even at sites that weren’t hacked.
Keith Barros, Senior Director of IT Security at Seton Hall, advises against sharing your password, even with the Department of Information Technology. "Use complex passwords, change them frequently and avoid using the same user ID and password for multiple accounts. If possible, use a form of two-factor authentication, especially for accounts that contain sensitive or financial information."
Two-factor authentication is an extra layer of security that helps to prevent anyone but you from logging in, even if they know your password. The Department of Information Technology plans to require two-factor authentication for all accounts used by full time faculty and employees in the Spring 2019 semester and will communicate next-steps soon.
How to protect your accounts and data:
- Report phishing emails by clicking the "Report Phishing" button.
- Check if your email or password have been compromised here.
- Enable Two-Factor Authentication for sensitive accounts.
- If you suspect your Seton Hall account is compromised, contact the Technology Service Desk immediately (email@example.com)
Categories: Science and Technology