Skip to content
Naked Security Naked Security

Get in line! 38,000 students and staff forced to queue for new passwords

It's not a bread line, and it's not a line to see Santa - it's an analog response to a nasty cyber attack.

No, these students aren’t lining up to see Santa.

https://twitter.com/svblxyz/status/1206948966442708992

They’re lining up for new passwords as the IT staff at their university – Justus Liebig University (JLU) in Gießen, a town north of Frankfurt, Germany – continue to mop up after a malware attack hit the school on Sunday, 8 December.

In what has to be the most analog password-reset operation of modern times, 38,000 students and staff were told to grab their identity cards and join a queue so they can get a new password for their university email accounts. They have to pick up the passwords in person, JLU said on Wednesday, due to unspecified security reasons as well as the legal requirements of the German National Research and Education Network (DFN).

There is no alternative to this procedure. Collecting the password in person is a prerequisite for the ability of every JLU member to use e-mail at JLU in the near future. All previous e-mail passwords are thus invalid!

Following the attack, JLU staff took down the email server, the internet and internal networks, fearing that they’d been infected. Then, they reset all email account passwords, as a precautionary step – a move that affected all students and staff.

At this point, JLU’s IT Service center is still scanning devices. For days, the university has been using more than 1,200 USB flash drives loaded with antivirus scanners to scan each and every JLU computer for traces of the malware. None of the devices are getting back onto the network until they show up as virus-free and get slapped with an all-clear green sticker.

Actually, some of those computers have gone through the scan twice. IT Service first scanned computers last week. Then, the department repeated the scans over the weekend, after the antivirus scanner received updated virus signatures to make sure that it would detect the malware that infected JLU’s network.

How do you pass out 38,000 passwords in an orderly fashion? In a highly organized way: JLU is doing it with a schedule based on students’ and staff’s birth month.

The priority: get this all done by Christmas.

The priority [is] to restore email communication skills for all members and members of the JLU before the Christmas break.

Godspeed, JLU IT Service!

2 Comments

“JLU staff took down … the internet” – Oh, so that’s who it was! Put me right off my, eh, stroke.

I guess it is one way of making sure old accounts are no longer active. I bet all these people are much more careful about guarding their passwords and ensuring that they are strong passwords after this. No-one will want to go through this again.

Comments are closed.

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?