Here are the frequently asked questions (FAQs) regarding the cyber-attack on KTU (continuously updated):
The incident may have allowed malicious persons to gain unauthorised access to the following data of University employees: name, surname, personal identification number, residential address, telephone number, e-mail address, registration number of private cars. For your security, we recommend that you treat the data as leaked.
The data was stored in KTU information systems.
The document and process management system stores data related to an employee’s employment relationship, such as: name, surname, personal identification number, residential address, marital status, educational data, telephone number, e-mail address, and license plate number of personal cars. Copies of personal documents were not stored in the DPMS (Document and Process Management System).
Leaks of this data may expose the University community to cases where, without their knowledge or consent, attempts may be made to act on their behalf, or even to impersonate an employee.
This also depends on what personal data is lost. Though treating the data as leaked, we hereby confirm that the criminals will not be able to log into KTU systems on your behalf, or try to guess whether your KTU password will work on other systems.
Please also note that even if you have a person’s personal identification number, this information is not considered as sufficient basis to perform further criminal acts on your behalf or to commit so-called “identity theft”. Most major KTU systems have two-factor authentication, so that a person can authenticate his or her identity through another channel – e.g. a person can authenticate by other means, such as SMS, link confirmation in an email, etc.
Only having your email address can increase the number of attempts to:
To manage the impact of the cyber incident:
The following actions have been completed to protect the data:
Images of personal documents may have been stored on workstation computers. We reiterate that personal document images were not stored in an organised structure in the IT systems of KTU.
We recommend you to change all your passwords if they are the same as the ones you have used on KTU systems and use multi-factor authentication where possible (login confirmations by SMS or other email address, biometric authentication on phones, etc.).
Personal code. There is a chance that malicious people can act on your behalf. If necessary, you can use the Bank of Lithuania’s “STOP Consumer Credit” service, which helps you to avoid buying fast loans, leases or other services without your knowledge or consent.
Telephone number. You are likely to receive more unwanted text messages (SMS) and/or calls. We recommend that you remain vigilant and be critical to the information presented to you by strangers. If you have received a text message from an unknown number with a link or attached document, we recommend not opening it.
Email address. You are likely to receive more unwanted content (spam) in your email. Be especially careful with emails from strangers. We recommend you not to open any links or documents attached to such emails.
At the moment of speaking it is not possible to exactly enlist which data has been leaked. If you want to find out what personal data has been stored in the University systems, please submit a request to the University’s Data Protection Officers at: duomenu.apsauga@ktu.lt or gdpr@privacypartners.lt. Once we have contacted and identified you, we will be able to provide you with the requested information within a month after receiving your request.
Our internal investigation did not reveal that user account passwords were leaked. However, for data security reasons, we recommend you to change your passwords that match the ones you used to log in to KTU systems.
How to change your password using an external personal email:
If you are unable to change your password:
We will only be able to complete your data in the registration system if we receive your email from your assigned KTU work email address name.surname@ktu.lt – by doing so, you confirm your identity and that you are aware and understand that this data will be processed by the University for the purpose of verifying the user’s identity in the University’s IT systems.
We will send an information email to your KTU email address and you will then be able to change your password using your external personal email address as described above. You will only be able to use the KTU SSO single sign-on system to access KTU IS and IT services after updating your password.