Dear Faculty, Members, Visitors, and Staff,
Many of you received this email from Brightly, the company that runs Schooldude our maintenance and scheduling application. This is a legitimate email from the company.
The advice they give is good. They have locked your Schooldude account and you'll need to reset the passphrase the next time you log in. Your IAS account credentials are not affected.
More importantly is their message about other places you have used this passphrase. If you used your IAS passphrase for Schooldude, or used your Schooldude passphrase for any of your other work or personal accounts, it is important to change it at those places as well. We always recommend using a unique passphrase for every service you log into for this reason.
Lastly, please be on the lookout for scams and phishing to your email address and phone (calls or texts).
If you have any questions or need help resetting your passphrase, please contact your school's IT helpdesk.
https://www.ias.edu/campus-resources/ias-computing
Thanks, and safe computing!
Brian
Resources:
This email on the IAS website
How to spot a phish
--
Brian Epstein <bepstein@ias.edu> (he/him) +1 609-734-8179
Manager, Network and Security, CISO Institute for Advanced Study
Key fingerprint = 5CD3 1511 CFCD 9388 1A53 7A45 3137 D4CC C418 A386
From: "Brightly Software" <hello@brightlysoftware.com>
To: "Brian Epstein" <bepstein@ias.edu>
Sent: Thursday, May 11, 2023 12:28:22 AM
Subject: IMPORTANT NOTICE: Notification of Security Incident
| |
|
Past and present SchoolDude users,
We at Brightly Software are writing to let you know about a recent security incident affecting an account you have on our SchoolDude application (schooldude.com), an online platform used by educational institutions for placing and tracking maintenance work orders. The incident involved an unauthorized actor obtaining certain account information from the SchoolDude user database. Our investigation has determined that you are a current or former SchoolDude user whose account was among those affected.
The account information believed to have been obtained in the incident includes:
- Name
- Email address
- Account password
- Phone number (if added to the account)
- School district name
We want to assure you that the security of our user information is very important to us. We have reported this incident to law enforcement authorities, and we have engaged industry-leading security experts to help us ensure that we are taking all appropriate steps to investigate and remediate the incident. As part of our remediation efforts, please note that we have reset the passwords for all SchoolDude user accounts. You will therefore need to change your password in order to continue using the application. To do so, please visit login.schooldude.com and click on “Forgot Login Name or Password?” to send a password reset link to your email account.
Because passwords were affected in this incident, we are writing to remind you of the importance of using a strong and unique password for each online account you maintain. (For more information, please see https://consumer.ftc.gov/articles/password-checklist.) If you are currently using your SchoolDude password for any other online account, we recommend that you promptly change your passwords on those other accounts. And, as always with email and text messages, users should be vigilant against potential phishing and other scams: if you see a suspicious message, don’t respond to the sender or click on any link it contains.
We sincerely regret that this incident has occurred, and we are committed to addressing any user concerns. If you have questions about the incident, please call 1-888-220-5278 for further information.
Sincerely,
The Brightly Team |
| |
|
| |
| |
|
© Copyright 2023 Brightly Software
11000 Regency Parkway, Suite 300, Cary, NC 27518
|
|
|
| |
|
|
