Faster blocks on compromised NetID accounts
As of August 1, 2016, access to Cornell NetID accounts will be blocked as soon as there are indications the account has been compromised. A password reset through the IT Service Desk will be required to regain access. This change is necessary in order to reduce the impact when members of the Cornell community have their NetID passwords stolen.
Previously, the IT Security Office would first attempt to contact the person whose NetID password had been stolen. With the growing intensity and sophistication of cyberattacks and cybercrime, particularly well-crafted and targeted phishes, it's been found that the primary outcome of this approach is to allow the password thieves more time to do bad things.
The activities for which stolen NetID/password combinations are used can result in lost money or damaged reputation for the individual or the university. The consequences can spill over and affect large groups at Cornell, with fallout ranging from being a monetary drain to causing our email system to be seen as a source of spam and blocked by outside email services.
When a password is reset to protect a compromised account, to regain access, the account holder will need to contact the IT Service Desk.
IT@Cornell Security Office