University faces issue of “compromised” e-mail accounts
The University reminds students, faculty and staff members to take caution and protection against any personal information obtained via the internet, according to a University memo.
In recent news, theft of confidential information has been reported to have occurred in several well-known companies and organizations. In a memo sent out on Feb. 21, the University stressed the importance of the roles the St. John’s community plays in safeguarding confidential information.
Although there have been no cyber thefts as a result of a hacked University e-mail account, the St. John’s community has faced the issue of fake “compromised” e-mail accounts. A situation like this occurs when unauthorized hackers use fake phishing e-mails to trick people into entering their e-mail accounts and passwords. These hackers then have the ability to read e-mails, check calendars, etc.
29 e-mail accounts have been reported to have been compromised this year so far due to people mistakenly entering their e-mail accounts and passwords in this fake format e-mail, according to memo. The accounts were immediately de-activated and users were told to change their passwords.
Vice President and Chief Information Officer Joseph Tufano reminds students that the University won’t ask for personal information through email.
“An important point to note here is that the University would never ask for personal information via e-mail from any of our employees or students, as our top priority is to protect and keep private all confidential data,” Tufano said. “The Office of Information Technology and our Internal Audit departments recognize that security needs to be continually updated as policies and technology evolves.”
One of the prominent elements in any computer security strategy is restricting access to accounts through strong usernames and passwords.
The University encourages all to choose strong passwords (preferably containing upper and lowercase letters, numbers, symbols, etc.) to protect your own information, as well as any University information that your email may contain. It is encouraged to not make unnecessary copies of University files on your mobile device.
While Tufano wants to assure students of the “diligent” monitoring system in store to prevent data breaches, there’s a role everyone else has to play.
“While technology is our most effective weapon in protecting confidential information, it cannot eliminate all security risks, so we caution that all of us must play a role in combating this serious issue together,” he said.
The University treats the security of its records seriously and several projects are underway to help strengthen security and protection. It suggests treating your information confidentially (no sharing of passwords and e-mail accounts) as a way to make a difference.
“We are asking the entire St. John’s community to spread the word about these safeguards, and outlets like the Torch and other key communications vehicles that can help us get the message to our entire student body and employees, both effectively and efficiently,” Tufano said.