40,000 students forced to queue for new passwords after 'severe' cyber attack

Legal quirk means German university students must receive new passwords in person following a password reset

Tens of thousands of university students in Germany have been forced to queue up to receive new passwords following a mass-password reset spurned by a recent security incident.

The University of Giessen’s (JLU) 38,000 students are being issued with new passwords in person due to a legal oddity that means they can’t be notified through email, as is conventionally done after a credential reset.

Because the institution is part of the German National Research and Education Network (DFN), the students may only receive their new passwords in person as part of a legal requirement to be members of the body, JLU has confirmed.

Students are also being asked to bring a valid form of ID, and their personalised JLU photocard embedded with a chip to prove their identity. Moreover, the university has released a structured timetable for collection, with users asked to queue up during different time slots throughout this week based on their month of birth.

The password reset was deemed necessary after a suspected cyber attack almost ten days ago knocked JLU’s services offline. The incident was described as ‘severe’ in an open letter penned by the president of JLU Professor Dr Joybrato Mukherjee and required that the university shut down its servers.

JLU was taken offline on Sunday 8 December as a result of the attack, with all email systems and internal networks out of action, and no fixed date as to when all services will be back online. 

These actions also meant the entire examination administrative system was taken offline, so students can’t be provided with degree certificates, transcripts or records of any exam certificates until services are restored.

JLU established a crisis management committee, led by the body's president, and has been working with authorities and cyber security experts to establish the extent of the damage and to aid in any ongoing investigations.

More than a thousand USB sticks loaded with anti-virus software are also being distributed en masse to professors, institutes and departments within the university. This is so that individuals can scan JLU's IT systems for any traces of malware.

Computer systems granted a clean bill of health will receive a green sticker, before individuals embark on a second wave of anti-virus scanning, scheduled to take place today.

While the first wave of anti-virus scanning searches for generic virus types, this second wave contains a scan that’s highly specified to the strain of malware that targeted the university.

JLU has had to conuct a scan of its computer systems in two waves because it was initially difficult to integrate the more specific anti-malware scanner into the existing anti-virus software.

However, this has now been achieved, and the second wave will be an all-encompassing anti-virus scan for both generic forms of malware as well as the new strain that targeted JLU.

Featured Resources

Shining light on new 'cool' cloud technologies and their drawbacks

IONOS Cloud Up! Summit, Cloud Technology Session with Russell Barley

Watch now

Build mobile and web apps faster

Three proven tips to accelerate modern app development

Free download

Reduce the carbon footprint of IT operations up to 88%

A carbon reduction opportunity

Free Download

Comparing serverless and server-based technologies

Determining the total cost of ownership

Free download

Recommended

Senate report slams agencies for poor cyber security
cyber security

Senate report slams agencies for poor cyber security

3 Aug 2021
Most employees put their workplace at risk by taking cyber security shortcuts
cyber security

Most employees put their workplace at risk by taking cyber security shortcuts

27 Jul 2021
61% of organizations say improving security a top priority for 2021
cyber security

61% of organizations say improving security a top priority for 2021

29 Jun 2021
ProtectedBy.AI’s CodeLock blocks malware at source code level
software as a service (SaaS)

ProtectedBy.AI’s CodeLock blocks malware at source code level

9 Jun 2021

Most Popular

How to move Microsoft's Windows 11 from a hard drive to an SSD
Microsoft Windows

How to move Microsoft's Windows 11 from a hard drive to an SSD

24 Nov 2021
What should you really be asking about your remote access software?
Sponsored

What should you really be asking about your remote access software?

17 Nov 2021
Best MDM solutions 2020
mobile device management (MDM)

Best MDM solutions 2020

12 Nov 2021