40,000 students forced to queue for new passwords after 'severe' cyber attack

Legal quirk means German university students must receive new passwords in person following a password reset

Tens of thousands of university students in Germany have been forced to queue up to receive new passwords following a mass-password reset spurned by a recent security incident.

The University of Giessen’s (JLU) 38,000 students are being issued with new passwords in person due to a legal oddity that means they can’t be notified through email, as is conventionally done after a credential reset.

Advertisement - Article continues below

Because the institution is part of the German National Research and Education Network (DFN), the students may only receive their new passwords in person as part of a legal requirement to be members of the body, JLU has confirmed.

Students are also being asked to bring a valid form of ID, and their personalised JLU photocard embedded with a chip to prove their identity. Moreover, the university has released a structured timetable for collection, with users asked to queue up during different time slots throughout this week based on their month of birth.

The password reset was deemed necessary after a suspected cyber attack almost ten days ago knocked JLU’s services offline. The incident was described as ‘severe’ in an open letter penned by the president of JLU Professor Dr Joybrato Mukherjee and required that the university shut down its servers.

Advertisement - Article continues below

JLU was taken offline on Sunday 8 December as a result of the attack, with all email systems and internal networks out of action, and no fixed date as to when all services will be back online. 

These actions also meant the entire examination administrative system was taken offline, so students can’t be provided with degree certificates, transcripts or records of any exam certificates until services are restored.

Advertisement - Article continues below

JLU established a crisis management committee, led by the body's president, and has been working with authorities and cyber security experts to establish the extent of the damage and to aid in any ongoing investigations.

More than a thousand USB sticks loaded with anti-virus software are also being distributed en masse to professors, institutes and departments within the university. This is so that individuals can scan JLU's IT systems for any traces of malware.

Computer systems granted a clean bill of health will receive a green sticker, before individuals embark on a second wave of anti-virus scanning, scheduled to take place today.

While the first wave of anti-virus scanning searches for generic virus types, this second wave contains a scan that’s highly specified to the strain of malware that targeted the university.

JLU has had to conuct a scan of its computer systems in two waves because it was initially difficult to integrate the more specific anti-malware scanner into the existing anti-virus software.

However, this has now been achieved, and the second wave will be an all-encompassing anti-virus scan for both generic forms of malware as well as the new strain that targeted JLU.

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now

Most Popular

Server & storage

HPE warns of 'critical' bug that destroys SSDs after 40,000 hours

26 Mar 2020
video conferencing

Zoom beams iOS user data to Facebook for targeted ads

27 Mar 2020
high-performance computing (HPC)

IBM dedicates supercomputing power to coronavirus research

24 Mar 2020

These are the companies offering free software during the coronavirus crisis

25 Mar 2020