Last week, several educational institutions, including Vanderbilt, were targeted by Lulz Security, or LulzSec in an attempt to obtain user names and passwords.
Lulzsec is the group responsible for hacking into Sony, Nintendo, the CIA and the US Senate sites recently. ePasswords were not targeted, but other systems that contain email addresses, user names and passwords were targets. While Vanderbilt enforces strong passwords for the ePassword, some sites, even those containing sensitive information, do not require strong passwords.
Vanderbilt encourages the community to consider strengthening passwords used on all sites on the internet. Take care not to reuse user names and passwords across sites. These include passwords used for gaming and social networking sites such as Facebook, as well as personal email sites such as Gmail or Yahoo.
Passwords need to be sufficiently complex to help thwart hacking attempts. Solid passwords are those that cannot be guessed easily, and contain words that cannot be found in a dictionary. Including special characters, numbers and upper case characters will help protect your password from being hacked. Never use your VUnet ID and ePassword on systems outside Vanderbilt.
Vanderbilt is taking steps to enhance security in addition to reminding users to change and strengthen their passwords. Vanderbilt is committed to online safety and we ask the community to take this opportunity to review accounts and passwords used at Vanderbilt and on the internet.
Kevin Webb, kevin.webb@vanderbilt.edu
(615) 875-9465