A massive collection of passwords has leaked online, after a user posted 8.4 billion password entries onto a popular hacker forum. Exposed credentials could include private login information for Gmail, Facebook, Apple, Paypal, and more. Read more about the breach at the following link: Hackers expose 8.4 billion passwords online — your security is at risk | Laptop Mag
Why is the OIS department notifying you?
Harrisburg University has deployed multi-factor authentication and location-based policies to protect HU Office 365 accounts. Those security features mitigate the risk of someone gaining access to your account even if they were to steal the password. However, we cannot enforce these policies for employee’s personal email accounts. To view sites where your personal account password may have been leaked in the recent breach visit Have I Been Pwned. This site will allow you to enter your personal email address or phone number to see if it was listed in any data breach. If your accounts is listed as breached we recommend immediately changing your password on the listed site. OIS always suggest enabling multi-factor authentication with personal accounts if the feature is offered.
To provide another layer of security, OIS discourage you from using your HU email address for any personal, non work related accounts. If you have not already done so, you can configure your HU Office 365 account to use the Microsoft Authenticator application. This is Microsoft’s most secure second factor of authentication. More can be read at the following solution article: MFA : Harrisburg University IT Helpdesk.
As always, questions can be addressed to the Helpdesk at https://ithelp.harrisburgu.edu/.