A search engine containing ‘millions of Dutch passwords’ has appeared online. If a password is linked to an email address, the first two characters are shown. Following this news, the UvA’s ICTS Services has carried out an investigation.
The investigation has revealed a few hundred UvA mail addresses in the database. It has further been revealed that the mail addresses are old and were stolen duriong earlier hacks of, among others, LinkedIn and DropBox in 2012. The addresses in the database will be closely investigated and if any are found to still be active, their users will be requested to change their passwords.
This event again shows how important it is for users to be aware of internet privacy and the importance of being careful with accounts and passwords at home and at work. The UvA advises users to change their passwords at least once a year, to refrain from using their UvA account to log in to external services and to use different passwords.
For more information on ICT Security, please see your A-Z list.