[Faccus] Account lockouts due to compromised passwords

Heather Wey hawey at uwaterloo.ca
Tue Feb 25 18:00:53 EST 2014

What is happening? Starting Saturday, February 22, we have observed a much higher incidence than usual of uwaterloo email accounts being used to send spam.

Why is this happening? Based on feedback from affected individuals, IST Information Security Services believes that this is a result of passwords compromised in a breach of LinkedIn in 2012 and GitHub in 2013.

What should you do to protect yourself? If you have used your uwaterloo email address and WatIAM password on a LinkedIn or GitHub account you should *immediately* change your passwords on both services. IST recommends that everyone should avoid using the same password for more than one service.

What should I do if my account is locked out? Contact the IST Service Desk (CHIP), helpdesk at uwaterloo.ca or ext 84357 or your faculty IT/helpdesk.

Questions/concerns? Please contact the IST Service Desk (CHIP), helpdesk at uwaterloo.ca or ext 84357.

Recipients of this message: isthd; ist-staff; admin-support; faccus; ctsc; ucist; SSO, MSC (CPA); Daily Bulletin (previously)

Heather Wey
IST Communications
University of Waterloo
519-888-4567 x35878
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.uwaterloo.ca/pipermail/faccus/attachments/20140225/e1c76107/attachment.html>

More information about the Faccus mailing list