esgargs Suspended 97470 Posts user info edit post |
Quote : | "This letter is directed to users of the campus Unity WebMail service (webmail.ncsu.edu). On or about August 4th, 2005, the web servers that are part of the webmail.ncsu.edu service were compromised by outside forces. Although the extent of the intrusion is not yet known, it is possible that WebMail users who accessed the system between August 4th and August 9th could have had their passwords captured. To prevent the possibility of your account being accessed unknowingly, it is highly recommended that you change your Unity password immediately. " |
About time I changed my password...8/9/2005 4:04:23 PM |
MiniMe_877 All American 4414 Posts user info edit post |
link your source dammit 8/9/2005 4:05:30 PM |
Smath74 All American 93281 Posts user info edit post |
how do you do that? mine is still my social security number from when i came to state 8 years ago. 8/9/2005 4:05:43 PM |
JonHGuth Suspended 39171 Posts user info edit post |
good thing i do blind forwarding 8/9/2005 4:06:23 PM |
esgargs Suspended 97470 Posts user info edit post |
My source is my email inbox... 8/9/2005 4:06:58 PM |
MiniMe_877 All American 4414 Posts user info edit post |
I'm no longer a student, so I dont get those crucial emails.
I checked http://sysnews.ncsu.edu and there was no update there 8/9/2005 4:08:42 PM |
TGD All American 8912 Posts user info edit post |
yeah it's a notice they sent out about an hour ago
the full email:
Quote : | "This letter is directed to users of the campus Unity WebMail service (webmail.ncsu.edu). On or about August 4th, 2005, the web servers that are part of the webmail.ncsu.edu service were compromised by outside forces. Although the extent of the intrusion is not yet known, it is possible that WebMail users who accessed the system between August 4th and August 9th could have had their passwords captured. To prevent the possibility of your account being accessed unknowingly, it is highly recommended that you change your Unity password immediately. To change your password, please go to:
http://www.ncsu.edu/password
While selecting a new password, please follow the recommendations for a secure password referenced on the password change page.
ITD apologizes for the inconvenience that this may cause. Please keep in mind that there is only evidence of a security breach -- ITD is not currently aware of any active attempts to extract data from the WebMail servers or from users' IMAP mail accounts. The request for you to change your password is only precautionary, but again, it is highly recommended. Also, if you use Webmail to access other email accounts, it is suggested that you change those passwords as well. Please note that this does not include email accounts that are automatically forwarded to your Unity account, but other accounts that you access with WebMail.
For more information about this incident, please contact the NC State University Help Desk at help@ncsu.edu or 515-HELP (4357).
-- Information Technology Division North Carolina State University" |
[Edited on August 9, 2005 at 4:09 PM. Reason : full email]8/9/2005 4:08:43 PM |
esgargs Suspended 97470 Posts user info edit post |
Quote : | "Return-Path: Received: from uni05mr.unity.ncsu.edu (uni05mr.unity.ncsu.edu [152.1.1.168]) by uni30map.unity.ncsu.edu (Cyrus v2.2.10) with LMTPA; Tue, 09 Aug 2005 15:49:07 -0400 X-Sieve: CMU Sieve 2.2 Received: from uni01du.unity.ncsu.edu (uni01du.unity.ncsu.edu [152.1.13.101]) by uni05mr.unity.ncsu.edu (8.13.4/8.13.3/N.20050331.02) with ESMTP id j79Jmms7013508; Tue, 9 Aug 2005 15:48:48 -0400 (EDT) Received: from localhost (hmn@localhost) by uni01du.unity.ncsu.edu (8.11.7+Sun/8.10.2) with SMTP id j79Jmli16092; Tue, 9 Aug 2005 15:48:47 -0400 (EDT) X-Authentication-Warning: uni01du.unity.ncsu.edu: hmn owned process doing -bs Received: by uni01du.unity.ncsu.edu (bulk_mailer v1.5); Tue, 9 Aug 2005 15:48:47 -0400 From: NCSU Help Desk Date: Tue, 9 Aug 2005 14:00:00 -0500 To: undisclosed-recipients:; Subject: NCSU Information Technology Division Priority Notification Message-ID: X-PMX-Version: 4.7.1.128075, Antispam-Engine: 2.0.3.2, Antispam-Data: 2005.8.9.22 X-Spam-Status: No, Hits=7% X-Spam-Level: IIIIIII
" |
8/9/2005 4:09:47 PM |
Senez All American 8112 Posts user info edit post |
was just about to post this 8/9/2005 4:10:01 PM |
Specter All American 6575 Posts user info edit post |
I never got this email 8/9/2005 4:16:16 PM |
virga All American 2019 Posts user info edit post |
^ me neither 8/9/2005 4:23:40 PM |
Rat Suspended 5724 Posts user info edit post |
I never got it either 8/9/2005 4:26:03 PM |
seedless All American 27142 Posts user info edit post |
webmail has been raped. 8/9/2005 4:26:15 PM |
wheelmanca19 All American 3735 Posts user info edit post |
so happy I sent up blind forwarding to my gmail account. 8/9/2005 4:27:50 PM |
Specter All American 6575 Posts user info edit post |
Nevermind, I just got this message. 8/9/2005 4:30:01 PM |
esgargs Suspended 97470 Posts user info edit post |
Someone post it on Slashdot. 8/9/2005 4:39:39 PM |
GraniteBalls Aging fast 12262 Posts user info edit post |
ECU makes all students change PWDs every 6 months. 8/9/2005 5:02:19 PM |
esgargs Suspended 97470 Posts user info edit post |
It's every semester at UNC 8/9/2005 5:03:51 PM |
DaveOT All American 11945 Posts user info edit post |
Here, our passwords are only valid for 90 days.
At State, I actually used the same one for all four years. 8/9/2005 5:08:37 PM |
Supplanter supple anteater 21831 Posts user info edit post |
got this e-mail too. 8/9/2005 5:21:28 PM |
Supplanter supple anteater 21831 Posts user info edit post |
But the link they gave doesn't work... oh well. 8/9/2005 5:23:47 PM |
darkone (\/) (;,,,;) (\/) 11611 Posts user info edit post |
I wonder which servers got hacked. Just one or two, or all of them. 8/9/2005 5:59:37 PM |
S All American 658 Posts user info edit post |
IT got hax 8/9/2005 6:05:02 PM |
jackleg All American 170962 Posts user info edit post |
they had a huge hole in their shit for 5 days and no one noticed?
they should seriously fire everyone that works over there 8/9/2005 6:25:10 PM |
Jere Suspended 4838 Posts user info edit post |
fucking terrific
Quote : | "WebMail users who accessed the system between August 4th and August 9th" |
...everyone?8/9/2005 6:31:13 PM |
jackleg All American 170962 Posts user info edit post |
hey its not that big a deal!
especially not for the people that used their SSN as their password!
its not like they have access to any of your personal information! 8/9/2005 6:35:30 PM |
Supplanter supple anteater 21831 Posts user info edit post |
or have you password to access tracs or you financial information. 8/9/2005 6:41:35 PM |
Jere Suspended 4838 Posts user info edit post |
I think this is a phishing email
I mean, if webmail really was compromised how do we know this is legit...
8/9/2005 6:50:20 PM |
jahosephat All American 3130 Posts user info edit post |
and it is funny how the change password website is swamped and does not work... 8/9/2005 7:09:31 PM |
PackMan92 All American 8284 Posts user info edit post |
it took like 10 mins, but i finally got through
u just gotta be patient 8/9/2005 7:09:55 PM |
benz240 All American 4476 Posts user info edit post |
just got it as well...the link points to the real deal though, wtf? any word from you 31337 h4ck3r5 on the 51tu4t10n? 8/9/2005 7:10:50 PM |
Noen All American 31346 Posts user info edit post |
Funny thing is, attackers could have comprimised the password changing site and sent out the email in order to get thousands of user's account information. 8/9/2005 7:30:37 PM |
Jere Suspended 4838 Posts user info edit post |
wouldn't that be ironic? 8/9/2005 7:37:24 PM |
qntmfred retired 40807 Posts user info edit post |
i mean duh. that's what i did 8/9/2005 7:40:59 PM |
PackMan92 All American 8284 Posts user info edit post |
so do we think this is legit
or not 8/9/2005 7:43:03 PM |
kinetix All American 3122 Posts user info edit post |
it's legit 8/9/2005 8:01:34 PM |
esgargs Suspended 97470 Posts user info edit post |
http://sysnews.ncsu.edu/news/42f935b7 8/9/2005 8:16:44 PM |
qntmfred retired 40807 Posts user info edit post |
omlol some body h4x3d sysnews!1 8/9/2005 8:18:51 PM |
pcmsurf All American 7033 Posts user info edit post |
thx for the info
password changed 8/9/2005 9:11:39 PM |
Pyro Suspended 4836 Posts user info edit post |
This is almost as bad as when all the credit card numbers NCSU Transportation had on file were stolen last year.(they literally broke in the building and stole the hard copies) 8/9/2005 9:44:06 PM |
GoldenViper All American 16056 Posts user info edit post |
Quote : | "If you really want to use a word as your password, you can abide by these rules with some simple modifications. For example, mydoggie would be valid if changed to m1D0gg1e" |
so there are advantages to l33t sp33k after all...8/9/2005 10:50:02 PM |
mdbncsu All American 4923 Posts user info edit post |
^^ didn't they open up the computers and steal the actual hard drives? hard copies would be pieces of paper correct? 8/10/2005 12:42:21 AM |
ToiletPaper All American 11225 Posts user info edit post |
Quote : | "Your password must: be at least 6 characters be no more than 127 characters" |
holy shit8/10/2005 12:47:39 AM |
Pyro Suspended 4836 Posts user info edit post |
^^maybe, either way I know a physical burglary was involved.
I will always use six letter english words as my passwords. The odds of someone trying a brute force dictionary attack on my meager account are far, far less than the headache typing and remembering numerous complicated passwords adds to my life.
Google's fucking anal about acceptable passwords. The way I see it, it's the provider's responsibility to ensure that passwords are entered and kept securely. Trusting end users to protect the system is a mistake.
[Edited on August 10, 2005 at 12:59 AM. Reason : .] 8/10/2005 12:58:00 AM |
SouthPaW12 All American 10141 Posts user info edit post |
this is pointless. If they already have my password, they can access nearly everything I have ever signed onto.
They SHOULD recommend changing every account's password in which a ditto password from your webmail is used. 8/10/2005 12:59:42 AM |
jimb0 All American 4667 Posts user info edit post |
yeah, now they know that my password to everything i use is qwerty123
GOSH 8/10/2005 2:34:55 AM |
Mr. Hand All American 1439 Posts user info edit post |
On the topic of simple 6-letter word passwords... It's not called a dictionary attack for nothing. All they do is scan trying to login to a system.
At the very least, change it to leet-speak. Then at least you've got some numbers in there and it increases the amount of time to break it a little. 8/10/2005 9:06:30 AM |
Petschska All American 1182 Posts user info edit post |
so since I didn't get an email, then I wasn't compromised? 8/10/2005 9:22:08 AM |
Mr. Hand All American 1439 Posts user info edit post |
From what I've read, no. It seems like they went through the logs and sent out an e-mail to everyone that logged in and could have been compromised.
If you were using a client to access your e-mail, you should not have been affected either.
[Edited on August 10, 2005 at 9:32 AM. Reason : asdf] 8/10/2005 9:31:45 AM |
esgargs Suspended 97470 Posts user info edit post |
anyone have links to more information about the kind of IRC servers installed by the "hackers" and the vulnerability exploited? 8/10/2005 9:34:09 AM |