Chronicle of Higher Education – Potential Security Issue

by in , , , , , , , , ,

This is an important notice from the Information Security Team at CSUCI.  We have been notified that the data from recent third party site data breaches is flooding the Dark Web for sale (see “Hacker group floods dark web with data stolen from 11 companies“). One of the sites listed among those that were hit and where user data was compromised is “The Chronicle of Higher Education”, which had over 3 million user accounts were compromised. A major reason for concern is that Chronicle of Higher Education is a very popular website among academia and general password reuse is a common practice.  If these exposed accounts have been compromised on a third-party site, they can be used to access sensitive information on CSUCI’s secured networks.

If you are currently subscribed to The Chronicle of Higher Education, we are requesting you to do the following to protect and prevent any further information from being accessed by unauthorized users.

    1. Log into your account
    2. Click “My Account”
    3. Click “Password”
    4. Enter your current password
    5. Enter/create your new password
If you haven't done so already, register your myCI account on our DUO 2-Factcor Authentication (2FA) system. 2FA requires users to authenticate after entering their username and password. This is a great way to stop unauthorized users from accessing your account even if your username and password are compromised.

Have questions?  Contact ITS Information Security at infosec@csuci.edu.