May 3, 2017 - A attacker discovered a programming error in Google’s login process and used it to create a cascade of phishing messages worldwide.
On May 3, an attacker discovered a programming error in Google’s login process and used it to create a cascade of phishing messages. This vulnerability affected millions of people around the world. Unfortunately, the only way to protect an account after it has been successfully targeted by the attackers, is to reset the password and to invalidate all existing logged in sessions.
Adelphi’s information security team is working to identify the accounts that were affected and will require all accounts that were likely to be impacted to reset their passwords.
If you are unable to log in to your @adelphi.edu or your @mail.adelphi.edu account and remember seeing this phishing message, there is a chance that you will have to reset your password. Detailed instructions on how to regain access to your account can be found at it.adelphi.edu/catalog/login.
Once you have reset your password and regained access to your Gmail account, please visit myaccount.google.com/permissions and review the apps that are connected to your account. Revoke access to any questionable apps by clicking the name of the app, then clicking the blue “REMOVE” button that appears.
Reviewing your connected apps a few times per year is good practice and it can help protect your privacy at home, as well as at Adelphi.
Some of the many places at which more information about the software bug can be found include:
We will update this post with additional information, as needed.