What happened?
As a part of continuous Cyber Threat Intelligence, the Information Security Office has been notified by a credible source that passwords used on hungrycampus.com have recently been exposed and may be involved in a security breach.
What is required from you?
To ensure safety and security of your KAUST account, if you have set your password on hungrycampus.com to be the same as your KAUST account, we advise you to immediately change your KAUST account password by navigating to https://mypassword.kaust.edu.sa/.
Avoid password reuse; to be mindful and refrain from using your KAUST account passphrase on any other websites.
What is Password Reuse?
Using the same password for more than one account is like having one key to unlock every door you use. If someone steals or copies the key, every door is vulnerable.
Password reuse is when passwords of your preference are used on more than one platform at the same time. If by any chance one account gets compromised, cybercriminals can attempt to login to your other accounts using the exposed password, thus propagating the threat.
Let’s not make it easy for cybercriminals to get to our data and ensure we avoid password reuse.
What else can I do?
Use a Password Manager
A password manager is a software application designed to store and manage online credentials. Usually, these passwords are stored in an encrypted database and locked behind a master password.
You don’t have to memorize all your passwords anymore. You only need to remember the master password that unlocks your password vault. And if you opt for a cloud-based password manager, you can access your password vault anywhere, from any device.
Use Two-factor authentication (2FA), when available
Two-factor authentication is a method of establishing access to an online account or computer system that requires the user to provide two different types of information to authenticate.
This simply means a way to convince a computer system or online service that you are who you say you are, so the system can determine if you have the right to access the data or services that you’re trying to access. With two-factor authentication, you’ll need to both provide a password and prove your identity with another factor to gain access. We recommend that you only use websites that provide 2FA services for their customers, especially when you are dealing with confidential information.
You can make use of KAUST provided DUO 2FA for second factor authentication.
Thank you for taking the time and reading this security alert, visit humanfirewall.kaust.edu.sa to review other tips to help protect KAUST from cyber threats.
Stay vigilant. Be a Human Firewall!
KAUST IT
it.kaust.edu.sa
