Avoid using Rice NetID and password on other sites

Rice students, faculty and staff who use their Rice NetID and password for external sites like Facebook, Amazon and LinkedIn are at risk of having their Rice email account accessed by others.

Carlyn Chatfield, manager of IT Technical Communications for Rice, alerted the Rice community of this risk in an email April 2 and encouraged people to change their Rice password if they’re using the same password elsewhere – especially if they have not changed their Rice NetID password in the last 24 months.

“The IT Security Office discovered Rice accounts are being used to send phishing and malicious email messages  — a result of security breaches at Adobe, LinkedIn, Facebook and other non-Rice services,” Chatfield said. “The compromised accounts have been linked to Rice faculty, staff, student and retiree account activity on popular external sites where their account information is exactly the same as their Rice NetID email and password. The stolen Rice email addresses and passwords were shared with other criminals through sites like Pastebin and then used to attack Rice resources or to send out emails under Rice community members’ names and addresses.”

Chatfield said students and employees should change their Rice password periodically and choose a password they don’t use for their other accounts. “It may be more inconvenient to remember two different passwords, but if your account gets hacked, the inconvenience for you and the university will be even greater,” she said.

If you can’t remember your password or need other assistance to change it, go to apply.rice.edu or call the Help Desk at 713-348-4357 between 9 a.m. and 5 p.m. Monday through Friday.

About B.J. Almond

B.J. Almond is senior director of news and media relations in Rice University's Office of Public Affairs.