Password breach – 159 LiU accounts suspended temporarily
The incident response team (IRT) at LiU has become aware that the passwords for 159 LiU accounts are included in a list of known passwords. A person in possession of a username and password can gain access to most of the IT services provided by Linköping University. For this reason, the accounts involved will be closed on 24 January. It is believed that the breach of passwords has arisen as a result of a phishing attack, or through the reuse of passwords used in other contexts.
“There is no reason to believe that we are the source of the leak”, says Joakim Nejdeby, chief information officer.
Even if a password that is in use is included in a list of passwords that have at one time been breached, it is not certain that anyone has been able to link this password to a user account at LiU. It can, however, not be ruled out.
Students affected will received detailed information sent by mail to their registered residence, since this is the procedure available to inform individuals in a secure manner. This information, unfortunately, will not be received by the students involved before the weekend. Employees affected will receive information by SMS, with detailed information to follow through the internal mail.
Visit https://minit.liu.se/resetpassword to reset your password. If you need an activation key, visit the Student service desk. Employees contact the account manager at your institution.
We recommend that those who can still log in to their LiU account and whose password has not been breached even so read and study our Tips for a more secure password and update the password to their LiU account. Never use a password for more than one account! Passwords are changed in the My profile section of the LiU MinIT portal.
LiU Helpdesk for employees
013-28 28 28
Last updated: Fri Jan 25 08:02:20 CET 2019