Illegally obtained data including personal data of people with an Inholland Moodle account are exposed and possibly being sold. Please find below answers to the most frequently asked questions.
Please check Iris for updated questions and answers.
It regards an illegally obtained data file containing personal information of Inholland Moodle-users. This file is now exposed online and possibly being sold. The investigation of what exactly happened is still ongoing.
It concerns the following personal data: mail address, first name and last name. If you have placed additional personal data in your Inholland Moodle profile yourself, this data is also part of the data breach.
Malicious people could perhaps use your data to send out phishing emails.
Please pay special attention to matters that might seem dodgy to you. Stay alert when it comes to emails that request you to enter data, to make payments by clicking on links and opening attachments. A lot of times you cannot distinguish these messages from being truth or false. If you have any doubts: do not click on the link!
We have put some measures in place to limit the consequences of this data breach:
It’s always smart to regularly update and change your passwords. Based on forensic investigation conducted in response to the data breach of 1 March, it is not necessary right now to change your Inholland password.
The encrypted passwords from a small group of Moodle users without an Inholland account, but with a Moodle account at Inholland, has been exposed and possibly sold. This group is informed separately.
Via the data sets 791 encrypted passwords have been compromised. It concerns Moodle-accounts of external parties. They have been personally informed.
Due to the investigation of the data breach we had to necessarily install and test Moodle again which caused the temporarily shut down. down.
Yes the necessary maintenance activities of Moodle are finished which means Mahara is also accessible again.
Unfortunately we found out during the maintenance activities that a part of the data could not be restored. For you specifically, this means all of your actions that you carried out in Mahara from Wednesday 3 March 2021 00:00 until Saturday morning 6 March 10:00 has not been saved. All actions carried out before that timeframe have been saved and are available in your own Mahara environment.
In case you did carry out activities in above mentioned timeframe, you will unfortunately have to carry out those activities again. We can imagine how annoying this is and we hope this isn’t causing too much of an inconvenience to you.
This is a legit request. The requests for monthly payment of tuitions fees has been sent. As a verification, you could always check if the sender of last month is the same as this month.
I have received some strange requests via my mobile phone number and/or private email address, has this been hacked as well?
The data that has been hacked with your Inholland Moodle account are: your Inholland email address, first name and last name. In case you have added additional personal details in your Inholland Moodle account, then these data have also been hacked as it has been part of the data breach. You could verify this in Moodle by checking your profile.
1. Head to moodle.inholland.nl, click top right on your profile photo and select profile.
2. In the new window, select the option ‘Edit profile’
3. Here you will find all filled in profile details. If you scroll down below you can also see the additional data.
Tip: Remove all extra information that are not requested for Moodle.
Measures have been put in place to solve this vulnerability issue, a two-factor authentication is part of the security process for the administrators accounts. Regarding user accounts, our investigation has shown this vulnerability issue doesn’t apply here.
Yes. The search functionality within Moodle and plagiarism scanner ‘Urkund’ are restored and work properly again.
Due to the urgent maintenance of last week the plagiarism scanner ‘Urkund’ didn’t function properly between Thursday 4 March 00:00 and Friday 5 March 12:35. In case you have uploaded a document during this timeframe but it didn’t save the document, we recommend you to upload the document once again.
For a complete overview of questions you could also take a look on Knowledge Base.