Press "Enter" to skip to content

Student Email Disabled After Possible Security Breach

By Caroline Ryan
Co-Editor-In-Chief

Early in January, undergraduate students attempting to access their LIU email accounts were unable to do so. Abagail Van Vlerah, dean of students, sent an email to students on Jan. 2 cryptically explaining that because “a file with undergraduate student information was inadvertently emailed to some LIU undergraduate students,” the university responded by “disabling access to my.LIU and implemented a password reset for all undergraduate accounts.” All student email accounts were disabled and had to be reset.

Van Vlerah did not state who “inadvertently” sent the file with undergraduate student information, what the file contained or how many LIU undergraduate students received the file. In her email, Van Vlerah stated that “only a limited number of recipients opened the [erroneously sent] email” and “no password, social security, credit card or bank information was disclosed.” Students also received the same message from Van Vlerah in a letter mailed to their homes notifying them that they needed to reactivate their school email accounts.

The deactivation of the LIU email accounts left many students concerned as to why they couldn’t log in or were not sent an email warning before the accounts were disabled. “The system shouldn’t have been down and we don’t even know if our personal information got compromised,” junior nutrition major, Alexi Stiliadis said.

Alexa Romano, a junior English major who had trouble logging into her account, posted an inquiry on Facebook asking if other students were having trouble logging in. “I personally found it frustrating not knowing ahead of time that they were deactivating our accounts. They should have been more aware of leaking private information,” she said.

In an effort to understand how a file with undergraduate student information could be inadvertently emailed to students, or why the disabling of all student emails was required in response, the Pioneer contacted computer science professor, Christopher Malinowski. Malinowski stated that although he doesn’t know how LIU servers are implemented, “emails often may contain context which are used to spread malware. It may be the case that the hosting email server may have been compromised, in which case accounts may be disabled in order to reconstruct the server base. Much of the rationale behind disabling accounts depends on the nature of the incident or intrusion.”

The university’s Vice President for Information Technology, George Baroundi, did not respond to the Pioneer’s inquiries about the emailing of the file with undergraduate information or the university’s response of disabling student emails. Instead, he said that since this was not a technology breach, all questions should be referred to the dean of students. Van Vlerah responded to the Pioneer’s inquiries by re-sending her Jan. 2 email.

For further assistance with technical issues or questions, students may contact the IT Help Desk at IT@LIU.edu.

 

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *