The Office of Information Technology was notified in mid-January about an information security threat on a commercially purchased system. OIT conducted extensive analysis and determined that the system was compromised from January 11-14, 2020. The affected system does not store university records or personal information but does process network traffic, including logins.
There is no evidence passwords have been compromised as a result of this event. In addition, UT’s recent implementation of two-factor authentication (2FA) adds another layer of protection against such a threat.
Out of an abundance of caution, users who logged in between January 11-14, 2020, will be asked to change their passwords. Affected users will be notified directly in the next few days.
If you changed your password after January 16 at 4:30 pm EST, you do not need to change your password again.
What students should do
Change your password online by the end of February 2020. If you do not change your password by the deadline, you will not be able to log into any centrally authenticated service such as Canvas and MyUTK until you create a new password.
All other students
OIT recommends that you change your NetID password online before the end of February 2020.
What faculty and staff should do
Change your NetID password by the end of February 2020*.
*If you changed your password after January 16 at 4:30 pm EST, you do not need to change your password again.
Option 1: If you know your Windows computer authenticates using the UTK Active Directory*, follow these instructions:
- From your computer, hold the Ctrl-Alt-Delete buttons
- Choose the option to Change Your Password
- Enter your old password to authenticate, then enter and verify your new password.*If these instructions apply to you, OIT recommends that you only change your password while on-campus.
Option 2: If you know your password and are unsure if your computer is in Active Directory, change your NetID password online.
If you do not change your password by the deadline, you will not be able to log into any centrally authenticated service such as Canvas, MyUTK, and Banner until you create a new password.
- If you know your Windows computer authenticates using the UTK Active Directory*, follow the direction above.
- If your computer is not in the UTK Active Directory, you create a new password online.
- Remember, with two-factor authentication, if you use a new 12-character (or more) password, you will not be asked to periodically change it.
- Never give your password to anyone.
- Do not use the same password that you use for your personal accounts such as your social media.
Contact the OIT HelpDesk if you need assistance and thank you again for your patience and assistance.