ICT Alert 653017575

All
Service outage for Staff Email | Student Email
Times are in Australian Eastern Standard Time (AEST)

When: 3rd June 2019, 6am to 14th June 2019, 12:10pm
Clients affected: Staff and students

On the 3rd June at 6am, 'Staff Email; Student Email' has experienced a service outage. We hope to have this resolved as soon as possible, we apologise for any inconvenience.

Current status

ICT are currently managing a large number of student accounts that have been affected by a coordinated phishing attack.

Friday 14 June @ 12:05 PM

The containment of all affected student accounts has been completed and services restored. All students that are still not able to login should contact the IT Help Desk during business hours.

Tuesday 11 June @ 9:45 AM

Commenced suspension of system access for selected student accounts.

Please contact the IT Help Desk to regain access to your student account.

Monday 10 June @ 10:50 AM

Issuing reminder SMS messages and continuing phone calls to students affected.

Friday 7 June @ 11:00 AM

Commenced phone calls to students affected.

We are also implementing changes to our Staff email service. Any Staff member experiencing issues with email connectivity are advised to contact the IT Help Desk. Email access via a web browser will remain unaffected.

Thursday 6 June @ 12:00 PM

SMS messages are being issued to remaining affected users.

If you have received an SMS from JCU, your account is one of those still affected and we require you to immediately change your JCU Account Password using the link provided below.

https://www.jcu.edu.au/information-and-communications-technology/secure-it/accounts-and-passwords/changing-your-password

Tuesday, 4 June 2019 6:58 PM

Communication issued to all Students, check your email for more information.

Monday, 3 June 2019 12:09 PM

Communication issued to all Students, check your email for more information.

Sunday 2 June 2019 3:58:48 PM

Communication issued to all Students, check your email for more information.

Background

On Sunday, we altered users to malicious emails targeting JCU students, attempting to steal your JCU password.

A common pattern in these malicious emails is the text “[Message Clipped]” in the body of the email, followed by an internet link to a malicious website designed to steal your JCU password.

We observe that a number of users have clicked on the internet link in these emails and entered their password. These are malicious emails and if you receive these emails, they must be deleted.

Other Impacts

Please also note that emails sent to staff/students or received by staff/students on Monday 3rd June between approximately 6:00 PM and 8:00 PM may not have been delivered. If you were expecting to receive or have sent an important email at this time, please resend it or contact the original sender. If something is missing, please contact the ICT Help Desk.

Due to efforts to respond to this incident and call volumes, response times from the ICT Help Desk may be delayed.

General Security Advice

  1. The most important action, if you are concerned about your JCU account, is to change your JCU password immediately. You can do this via the JCU Website by searching for “changing your password”.
  2. If you use your JCU password for other online services (e.g. Netflix, eBay, Uber), you should change those passwords as well, ideally a different password for each service.
  3. If you use your JCU account as the contact email for third-party services like Netflix, eBay, Uber etc. then these services may also be at risk. We recommend reviewing your account security and enabling step-up authentication (where available) and/or resetting those passwords as well.

Further information on the advice provided please refer to:

- Check back for updates.

Get help Please contact the IT Help Desk during business hours if you require further information.