According to recent media reports, Russian Internet criminals have stolen an estimated 1.2 billion usernames and passwords, including more than 500 million email addresses. The bottom line for you:
At risk: Potentially any internet/online account usernames and passwords – the specific sites or accounts affected are not known at this time
High risk:
-
Those that reuse passwords on multiple accounts, especially relating to your main email, banking, credit card, and investments accounts
-
Accounts with weak passwords
-
Accounts at sites with low security for changing the password (e.g., not utilizing alternate contact information for password recovery)
What TTU does:
-
Requires strong eRaider passwords
-
Uses alternate contact information to recover password, such as alternate email address and/or cell phone number (i.e., multi factor)
What YOU can do:
-
Change internet/online account passwords
-
Strengthen online passwords – at least 8 random characters with a mixture of upper and lower case and special characters
-
Do not reuse passwords, especially for your main email, banking, credit card, and investments accounts
-
Regularly update your password (e.g., every few months)
While we have no reason to believe that any TTU accounts are affected, if you use your eRaider password elsewhere (which you shouldn’t), you should change your eRaider password now. Otherwise, because TTU uses industry best practices, including requiring password changes every 90 days, eRaider passwords do not need to be changed immediately.
Before you make any password changes, ensure that your system is not infected with a virus and has the most up-to-date operating system. For Windows, go to http://windowsupdate.microsoft.com. For Macs, use the Software Update in System Preferences. Additionally, the TTU IT Division provides Symantec anti-virus free of charge to the TTU community and is available through the eRaider site, https://eraider.ttu.edu.
For additional information on safe computing practices, including our tips to avoid falling victim to a phishing attack, please visit www.safecomputing.ttu.edu. We are all responsible for data security, and we ask that you be vigilant!
