The hackers who penetrated the systems of the University of Amsterdam (UvA) and the Hogeschool van Amsterdam (HvA) may have obtained the encrypted passwords of students and employees. They could access it, but whether they have abused it, we do not know, says a spokesman.
Both settings prompt all users to change their passwords as a precaution. Despite the encryption, hackers could take advantage of it, they say.
If the UvA or HvA password is the same as the password used for another account, it is wise to change that too, the UvA says in a Twitter message.
“It very much depends on how well the passwords are secured,” says NOS tech editor Joost Schellevis. “This can vary from easy to crack to practically unhackable.” He hopes that the call to change identical passwords from other accounts is not a sign that the passwords were poorly secured.
The educational institutions reported the hack on their website last week. How big it is and who is behind it is not yet clear.