08 May 2008

Centenary Webmail Hacked, Students lose all information, IT says, "We told you so"

Okay, maybe not all-at least not yet. If you have a Centenary Webmail account beware.

Nice, that even on the last day of school I'm super fueled up to write an article about shotty work in the Centenary arena.

So, if you have a Centenary Webmail Account: BEWARE!

There's a phishing scam hitting campus. Users receive an email that appears perfectly legitment, even from "info@centenary.edu". The subject line is "Webmail Upgrade." The email directs the user to a site that appears to be Centenary's webmail login screen. After punching in your information you're thanked. Wait? What just happened?
You just gave up your username and password to someone in Montana.

Centenary's response has been slow. An hour and a half after these emails appeared Centenary's IT department released a statement, "We have been notified of an email that has been received by some of you that appears that it has come from the Centenary IT Department, it is not...The IT Department does not ask for any of these types of data in an email."

Okay, I consider myself somewhat web-savvy and I did overlook the url (hahnyao.ax3). However, it appears that the email was sent form "info@centenary.edu" which leads me to wonder if that account has been hacked. Further, how would this phishing organization get students emails? I mean, mine's prominently displayed on KSCL, but what about others? It takes a password and username to get in there.

There could be more problems than just these. Hopefully the Conglomerate is researching.

I just wish someone would tell us what to do now. I've rearranged the passwords. Should I take any further steps?

[UPDATE (10:41am, 5/9): The Centenary IT Department has released another email within the last hour. For the future, they recommend changing your password and [if in doubt] never clicking a link inside an email. IT then goes on to add a link in their email.

My take: It's the best argument for preventing this in the future. IT can't prevent this from happening at small places like Centenary. Users should double check any links in emails. It's a wakeup call to remember to check the URL at the top. However, I'm under the impression that "info@centenary.edu" has been hacked. Somehow, someone got access to the "secure" page listing all the students email addresses. Or are we keeping that hush-hush?]

Blogged with the Flock Browser

1 comment:

nadine said...

yeah when i got that email i checked the url and it seemed legit so i went ahead and put my info in..

my only complaint is that they are not taking responsibility for the obvious breach that has occurred. the only way they had access to all of the student emails if if they got into a secure page... and then what else do they have?

i hope IT is doing more than just lecturing us for logging into our email accounts..