The passwords that were stolen are passwords A and B respectively to the University's various computer systems. Stolen passwords can be used for targeted phishing attacks against the University.

It is likely that the passwords were too simple and therefore relatively easy to crack or guess. Alternatively, the passwords have been reused and stolen in previous attacks on other systems.

Employees whose passwords have been stolen are blocked and have to change passwords A and B.

If you suspect that you have been affected, please contact the Security and safety division immediately at security@uu.se for assistance.