There are plenty of reasons and opportunities for hackers to break into the digital BURG and steal data. They gain access through phishing, malware, locks that are easy to crack and inappropriate file storage.

Credits: Nora Prinz

Hackers have different intentions:

Access to personal data
Identity theft is a crime where attackers abuse the personal data of their victims, often at the victim's cost. Criminals steal data from online accounts and use their victim's identity to use their credit card or take out credits in their name, for example.

Access to research, projects, collaborations
Valuable intellectual property from teaching and research or from collaboration partners is at risk.

Access to funds
Universities manage large amounts of money in form of tuition fees, funding or donations and are therefore a great source of money.

Access to networks
Access to the BURG system enables access to other connected systems, computers and institutions.

Damaging reputation
Sensitive data can be published or manipulated and published. Not only a victim's data is used. Also threatening a victim with publishing information is a way to get blackmail money.

Symptoms of being hacked:

  • Unauthorised changes to the account
  • Messages from your own account not sent by yourself 
  • Problems logging in
  • Missing messages
  • Notifications about password changes or suspicious device behaviour (pop-up windows, device crashes, error messages)
  • The device has been stolen

 

If these symptoms appear, the following steps should be taken:

  • Do not use the computer for now, and do not exchange any sensitive information on it.
  • Immediately change the password and update other passwords, especially if they are linked to the hacked computer. For more information, we recommend the article on tips for secure passwords.
  • Describe the case via email or visit the Rechenzentrum personally with your device.

 

If access to the account or device is not possible

  • Switch off the device and all connected devices. Unplug everything from the device and visit the Rechenzentrum with your device.


Further tips:
The website "Have I Been Pwned"” [https://haveibeenpwned.com] allows you to check if you have an account on a website whose data has been published due to a security problem.