The ITS Security team has been made aware of two lists of usernames and passwords that are circulating the Internet. The lists have been reported, but not confirmed, as being passwords data mined from various data breaches from the last year involving services such as LinkedIn, Yahoo, and others.
The lists posted on the Internet were comprised of over a billion email addresses and passwords. We have reviewed the information and have determined some of the email accounts are university email accounts with passwords that meet our complexity rules, and should be reset out of an abundance of caution.
Additionally, all university users should change their passwords on LinkedIn and on any other website (including TrueYou/Firefly) where you may have used the same password. Please note that no university system has been compromised.
As a precaution, users should never use the same password for their university email account and their TrueYou/Firefly account. We recommend all users run an updated anti-virus scan on your machine as soon as possible. For assistance, please contact the ITS Help Desk at firstname.lastname@example.org or 402.554.4357.