Rice University’s Student Newspaper — Since 1916

Wednesday, May 08, 2024 — Houston, TX

IT asks community to change passwords after security breach

By Andrew Ta     4/9/14 12:48pm

Security breaches at companies like LinkedIn and Adobe, along with over 100 compromised accounts since the beginning of the year, prompted Rice University Information Technologies to send an email on April 2 to all members of the Rice community asking them to change their passwords, according to Information Security Officer Marc Scarborough.

“In the past, you could pretty clearly see a correlation between a phishing [attempt] and compromised accounts sending lots of spam,” Scarborough said. “This year, we’ve seen some major differences. In January 2013, we saw 3 or 4 [compromises]. [This] January, we saw 40, [and] we don’t see the same correlation between phishing and the number of accounts.”



According to Scarborough, since people typically use the same username and password at multiple sites, a breach at any of those sites could be used to compromise the Rice account.

“Take the example of LinkedIn,” Scarborough said. “Their password database was compromised and they had notified their community in June 2012. We know a lot of people registered there with their Rice address and password. So when LinkedIn said, ‘Hey, these passwords are compromised and need to change,’ what we see is that the people at Rice did not change their password here, and those passwords aren’t just compromised in secret. They [were] compromised and published to the wild.”

Scarborough said Rice IT had correlational evidence that pointed towards a breach at LinkedIn as a large cause for the recent uptick in compromised accounts.

“Attackers are using the user ID of a Rice email address and the corresponding password to log into our systems,” Scarborough said. “For example, 28 out of 30 accounts [might be] created before June 2012. It’s [also] not one department. It’s faculty, staff, students, departments all over the map. The only piece that was consistent was that all of the accounts were created in our system before LinkedIn announced their breach. It might mean something, it might not. But the fact that it’s almost exclusively accounts two years or older is interesting.”

Scarborough said a breach at Adobe late last year may have also contributed to the compromised accounts.

“Adobe is actually a big player in higher education,” Scarborough said. “A lot of people have Adobe accounts. We know that, again, people use the same password, and, again, people probably were forced to change their password at Adobe, but we [didn’t] see a mass change of passwords at Rice when Adobe announced their breach.”

According to Scarborough, the breach was exacerbated because Rice does not require routine password changes.

“If we had an annual password change and [the compromised accounts] really were because of LinkedIn, we probably wouldn’t be having this [conversation],” Scarborough said. “People don’t want to move forward and make the entire university go through a system where we have to change passwords with some frequency. If there’s a big enough breach, and I can show that so many Rice addresses, if it’s 500 or 300, [were compromised], I can probably make an argument to push a campus-wide password change, but we haven’t been able to say that.”

Scarborough said password managers like KeePass and OnePass are useful tools for preventing account compromises.

“I know it’s a challenge for people to choose different passwords, and we don’t want to go back to writing them behind keyboards like the old joke,” Scarborough said. “Password managers work. Most have integrated browser support and work well on mobile devices.”

Scarborough said he encourages anyone with questions to email him at marc.scarborough@rice.edu or call at 713-348-5735.


