Das Reboot: Uni forces 38,000 students, staff to queue, show their papers for password reset following 'cyber attack'
School in Germany rolls out credential refresh with printed ID requirement
Tens of thousands of students and staff at a university in Germany had to queue up this week after a malware infection on its campus network forced the college to reset everyone's account passwords.
The Justus Liebig University Gießen (JLU) says that a "suspected cyber attack" this month has caused it to shut down most of its online services for several days, and reset their logins.
In order to get new credentials, the school is requiring students to appear in person, meaning some 38,000 people have to show up with identification to get their passwords changed. Here's what that looks like...
The University in Gießen, Germany had a security incident that required resetting the passwords of 38000 students. Students are lining up to get their new passwords on paper, after identity verification. More about the incident on the bottom of this page: https://t.co/uMBOi2MpJr pic.twitter.com/QEKcPMZ2Sk— svbl (@svblxyz) December 17, 2019
"For security reasons, the university computing center has issued new passwords for all 38,000 JLU email accounts," a translation of the uni's alert reads. "All employees and students have to collect their new personal password personally."
The malware outbreak, which is said to have kicked off around December 8, spread through the university's internal network, including to PCs used by university professors. Because of this, the school says that in addition to resetting all passwords, it will have to scan and clean faculty machines.
Lancaster Uni cordons off breached systems a week after thousands of folks' data pinchedREAD MORE
To that end, the school is distributing USB sticks to staffers and asking that they use those drives to scan and clean their machines. Once that scan is done, the school says its IT staff will issue a second scan with an additional tool purpose built to detect the specific malware that hit the school. Once cleared, the PCs will be adorned with a green sticker signifying they are ready for use again.
Students will not need to clean their PCs, as the university says that pupils use a different network from faculty.
If there is any solace for JLU in all of this, it is the knowledge that it is far from alone in being hit with malware. School networks, both the university and primary levels, are attractive targets for both botnet operators and data thieves.
According to data posted earlier this week by security company Armor, more than 70 US school districts were hit by malware infections over the 2019 calendar year. ®