40,000 students forced to queue for new passwords after 'severe' cyber attack

Legal quirk means German university students must receive new passwords in person following a password reset

Tens of thousands of university students in Germany have been forced to queue up to receive new passwords following a mass-password reset spurned by a recent security incident.

The University of Giessen’s (JLU) 38,000 students are being issued with new passwords in person due to a legal oddity that means they can’t be notified through email, as is conventionally done after a credential reset.

Advertisement - Article continues below

Because the institution is part of the German National Research and Education Network (DFN), the students may only receive their new passwords in person as part of a legal requirement to be members of the body, JLU has confirmed.

Students are also being asked to bring a valid form of ID, and their personalised JLU photocard embedded with a chip to prove their identity. Moreover, the university has released a structured timetable for collection, with users asked to queue up during different time slots throughout this week based on their month of birth.

The password reset was deemed necessary after a suspected cyber attack almost ten days ago knocked JLU’s services offline. The incident was described as ‘severe’ in an open letter penned by the president of JLU Professor Dr Joybrato Mukherjee and required that the university shut down its servers.

Advertisement - Article continues below

JLU was taken offline on Sunday 8 December as a result of the attack, with all email systems and internal networks out of action, and no fixed date as to when all services will be back online. 

These actions also meant the entire examination administrative system was taken offline, so students can’t be provided with degree certificates, transcripts or records of any exam certificates until services are restored.

Advertisement - Article continues below

JLU established a crisis management committee, led by the body's president, and has been working with authorities and cyber security experts to establish the extent of the damage and to aid in any ongoing investigations.

More than a thousand USB sticks loaded with anti-virus software are also being distributed en masse to professors, institutes and departments within the university. This is so that individuals can scan JLU's IT systems for any traces of malware.

Computer systems granted a clean bill of health will receive a green sticker, before individuals embark on a second wave of anti-virus scanning, scheduled to take place today.

While the first wave of anti-virus scanning searches for generic virus types, this second wave contains a scan that’s highly specified to the strain of malware that targeted the university.

JLU has had to conuct a scan of its computer systems in two waves because it was initially difficult to integrate the more specific anti-malware scanner into the existing anti-virus software.

However, this has now been achieved, and the second wave will be an all-encompassing anti-virus scan for both generic forms of malware as well as the new strain that targeted JLU.

Featured Resources

Preparing for long-term remote working after COVID-19

Learn how to safely and securely enable your remote workforce

Download now

Cloud vs on-premise storage: What’s right for you?

Key considerations driving document storage decisions for businesses

Download now

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Transforming productivity

Solutions that facilitate work at full speed

Download now

Most Popular

Business operations

Nvidia overtakes Intel as most valuable US chipmaker

9 Jul 2020

How to find RAM speed, size and type

24 Jun 2020

The best server solution for your SMB

26 Jun 2020