General information and notifications
(Updated: 2 May 2023) REPOSIT now online again
................................................................................................................................................................................................
As a result of the cyber-attack, the verification process for REPOSIT, HAW Hamburg's institutional repository, had to be changed. The submission of new publications and changes to your own profile are now possible by logging in via ORCIDiD or a local account.
If you have an ORCID iD and had already added this to your REPOSIT profile (researcher profile) before the cyber-attack, you can simply use your your ORCID information to log in to REPOSIT. You can find a guide to doing this (in German) here.
If you do not have an ORCID iD or you would like to log in via a local account, please contact openscience (at) haw-hamburg (dot) de. The library staff will change the settings for your account.
REPOSIT itself was not a target of the cyber-attack: all of the data stored there is secure and complete. The service needed to be taken offline to ensure its security. This means that it is possible to access all of the documents (such as articles, final theses, research data, etc.).
However, because not all of the necessary configuration work has been completed, disruptions and delays can occur in some cases.
Library staff are providing regularly updated information about changes on the library's news page and the REPOSIT home page. In urgent cases you can contact openscience (at) haw-hamburg (dot) de.
(Updated: 27 April 2023) Password reset necessary for new HAW accounts
................................................................................................................................................................................................
Starting on 2 May, students will receive a notification that their current password for MS Teams and MS Office 365 is no longer valid. This is because the new HAW accounts need to be synchronised. The notification will not appear at a specific point in time, but rather at some time after 2 May. The password then simply needs to be reset.
You can reset the password very easily by signing in to office.com with your new Microsoft account and clicking 'Forgot password'. Using two-step verification, you can then enter a new password and continue using MS Office and other services that are already functioning with the new HAW user ID.
We recommend that you do not choose a new password for this reset and instead use the password you were given a few weeks ago in order to ensure that other programmes and services such as Übergangsmoodle or the Adobe licences continue to function. For subsequent resets it will no longer be possible to use the same password again.
You can find more information about resetting your password here:
https://support.microsoft.com/en-gb/account-billing/reset-a-forgotten-microsoft-account-password-eff4f067-5042-c1a3-fe72-b04d60556c37
The synchronisation is intended to make it possible to use other central tools and IT services at HAW Hamburg with a so-called single-sign-on process using the HAW user ID and password. These include library services from individual publishers and video conferencing systems such as Zoom.
(Updated: 23 March 2023) Password reset for employees following synchronisation of MS Office accounts!
................................................................................................................................................................................................
Due to synchronisation requirements, HAW Hamburg employees will receive a notification as of Thursday, 23 March that their current password for MS Teams and MS Office 365 is no longer valid. You can reset the password very easily by signing in to office.com with your new Microsoft account and clicking 'Forgot password'. Using two-step verification, you can then enter a new password and continue using MS Office and other services that are already functioning with the new HAW user ID.
We recommend that you do not choose a new password for this reset and instead use the password you were given a few weeks ago in order to ensure that other programmes and services such as Übergangsmoodle or the Adobe licences continue to function. For subsequent resets it will no longer be possible to use the same password again.
The synchronisation is intended to make it possible to use other central tools and IT services at HAW Hamburg with a so-called single-sign-on process using the HAW user ID and password. These include library services from individual publishers and video conferencing systems such as Zoom.
Please note that the synchronisation will initially only be carried out for employees in order to avoid overloading the servers. We will provide information here when the synchronisation of student accounts takes place.
(20 March 2023, 12:00 pm) Automatic forwarding to external email addresses not possible at the current time
................................................................................................................................................................................................
Please note that automatic forwarding to an external email address is not functioning at the moment. When forwarding is activated, it is not possible to receive any mails. The ITSC is currently working on a solution.
(Updated: 16 March 2023, 5:00 pm) Microsoft Office 365 and new HAW account: Password distribution for two-step verification
................................................................................................................................................................................................
Students and employees can now sign in with their new user ID and password and set up two-step verification at www.office.com. The new HAW account (w...123@haw-hamburg.de) also works for various other online services: Übergangsmoodle, myHAW (for students) and the Adobe licence.
(16 March 2023, 5:00 pm) First-semester students in the Faculty of Engineering and Computer Science, the Faculty of Business and Social Sciences (Berliner Tor Campus) and the Faculty of Design, Media and Information (Hamburg Art and Media Campus) can pick up their user ID and login information from 13 March 2023 at the Chip Card Services Office in the building at Stiftstraße 69. Opening hours: Mon–Thurs, 9:00 am–12:30 pm and 1:00 pm–4:00 pm; Fri, 9:00 am–12:30 pm and 1:00 pm–2:00 pm.
First-semester students in the Faculty of Life Sciences (Bergedorf Campus) can pick up their login information at the Faculty Service Office (Ulmenliet 20, rooms 0.12–0.14) during opening hours: Tues–Thurs, 10:00 am–12:00 pm.
Please note that at the moment, only those first-semester students who enrolled by 8 March 2023 are being issued a HAW account (w..123@haw-hamburg.de). Additional accounts will be created successively on a weekly basis.
What happened during the cyber-attack?
................................................................................................................................................................................................
At the end of December, the information and communications infrastructure at HAW Hamburg was targeted by hackers. This was determined on 29 December 2022. Based on what we know to date, the hackers used decentralised IT systems to manually work their way into HAW Hamburg's central IT and security systems via the network. Using this path, they also obtained the administrative rights for the central storage systems and compromised the central data storage. They then used the administrative rights to begin encrypting various virtualised platforms and deleting stored backups.
HAW Hamburg has filed a complaint with the cyber-crime division of the Landeskriminalamt. The Hamburg commissioner for data protection and freedom of information has been notified in compliance with article 33 of the General Data Protection Regulation, as has CERTnord, and the information about those impacted was published on 6 January 2023.
Upon the publication of personal information on the so-called darknet on 5 March 2023, those impacted were again informed pursuant to article 34 of the GDPR. Individuals will be personally notified by post if an analysis of the data indicates a high risk to their personal rights and freedoms.
IT updates
(Updated: 15 March 2023) myHAW now available again with limited functions
................................................................................................................................................................................................
Students can now use their new HAW account (w...123@haw-hamburg.de) to sign into myHAW via myhaw.haw.tuhh.de.
In addition to the access code for the energy-costs subsidy, you can also find your enrolment and BAföG (student financial aid) certificates on myHAW. It is also possible to change your address and submit leave and deregistration requests.
It is not currently possible to view your grades or to register for courses via myHAW.
If you have only recently applied and do not yet have a HAW account, please continue to use the button at the top right side of the web page – for example, to download your letter of acceptance. Please note that you need to be enrolled as a student in order to download certificates and applications following login to your HAW account.
(Updated: 6 March 2023) Temporary Moodle platform is now available
................................................................................................................................................................................................
Together with the ITSC, the staff of the KOMWEID project have built a new virtual learning environment (Übergangsmoodle), which has been online since 6 March: moodle.haw-hamburg.de.
Instructors can upload their course materials to the new platform.
Students will receive the enrolment codes for their courses from their instructors at the beginning of the semester.
(Updated: 1 March 2023) Using Adobe products
................................................................................................................................................................................................
The new installation of Microsoft 365 has also changed the verification process for Adobe products. HAW Hamburg employees can now use the same login information for Adobe as for Microsoft 365 (w...123@haw-hamburg.de, the new password and two-step verification).
Students who use Adobe products through the HAW Hamburg network also need to use their new user ID to log in.
(Updated: 20 February 2023) New installation of MS Teams and Office 365: New user IT and two-step verification
................................................................................................................................................................................................
Students and employees can now sign in with their new user ID and password and set up two-step verification at www.office.com. The new HAW account (w...123@haw-hamburg.de) also works for various other online services: Übergangsmoodle, myHAW (for students) and the Adobe licence.
Information about the new HAW account and two-step verification
(Updated: 19 January 2023, 3:00 pm) Network printers
................................................................................................................................................................................................
All of the multifunctional printers have been checked by the manufacturer for malware. It is now possible to copy and to print documents by putting them on a USB stick and connecting this to the printer. The printers will remain disconnected from the network.
(Updated: 13 January 2023, 11:00 am) WLAN at the university
................................................................................................................................................................................................
The WLAN network is now available again and is functioning properly across the entire university.
Because the identity management system has not yet been rebuilt, a QR code that can be used to log in is posted at the university.
Please note: Even with access to the WLAN network, it is still not possible to access the HAW Hamburg server. The university is simply providing Internet access.
(Updated: 10 January 2023, 2:00 pm) Landlines
................................................................................................................................................................................................
The landlines at HAW Hamburg are now working again. You can receive and make calls both within the university and externally. However, because the configuration servers that control the telephones are currently not available, it is not possible to change the settings at the moment.
IT security information
Common scams
................................................................................................................................................................................................
During the cyber-attack on HAW Hamburg's IT infrastructure, the attackers accessed the university's central IT systems. Since 5 March 2023, we have been aware that data stolen during the attack have been published on the so-called darknet (please see the information provided pursuant to article 34 of the GDPR on 9 March 2023). In some cases criminals use stolen data for fraudulent activities such as phishing mails or to purchase items on the Internet using a fake identity.
We therefore want to ask you once again to be particularly vigilant. In the following, we provide information about common scams and how you should respond:
A. Phone calls (from an individual or an automated voice)
Criminals are increasingly pretending to be officers from Europol, Interpol or the Federal Criminal Police Office (BKA). This type of fake call could be connected to the cyber-attack at HAW Hamburg but doesn't necessarily have to be. Please remember: The police and other investigative agencies will never call you or require you to provide personal information via telephone. Nor do other government agencies and banks make such calls. If you follow the instructions, you may unknowingly be redirected to a number charging very high fees. Additionally, the perpetrators may also attempt to obtain additional information from you during the call in order to use it for other criminal activities.
How should you respond?
1. Do not follow the instructions, do not become caught up in a conversation and do not provide any information. Note the caller's number and hang up.
2. Block the number and block any other numbers that have contacted you against your wishes.
3. You can also submit a complaint about the number to the Bundesnetzagentur.
B. Commercial fraud on the Internet
In many cases, stolen personal and address information is also used to commit commercial fraud on the Internet – that is, to purchase items on the Internet in another person's name. The perpetrators order products and have them delivered to a package pick-up station or an alternative address. The invoices or, in some cases, collection letters then go to the unwitting victim of the theft.
How should you respond?
- Make a report to the police immediately if your identity has been used fraudulently. In your report to the police, please note the police file number for the cyber-attack (LKA541/1K/0870845/2022) if it is possible that the fraud could be linked to the cyber-attack at HAW Hamburg and the publication of your information on the darknet.
- If you have received invoices, warnings or packages that you have not ordered, contact the company that sent them (be careful with supposed invoices that have been sent to you via email, as mails with the subject line 'Invoice' frequently contain files that can install malware on your device).
- Keep in mind that any legal collection notices you may have received must be objected to before the applicable deadline.
- Report identity fraud to the large credit agencies. You can find the forms for doing so at schufa.de and crifbuergel.de. If you would like to be certain that your identity has not been used to carry out criminal activities such as Internet fraud you can, after waiting a while, request a free credit report from the main credit agencies such as Schufa or CRIF in order to determine if unknown criminals have been using your name for their activities.
- If you discover that fraud has been carried out in your name, it can also be worthwhile to request a so-called 'Einmeldung' (logging of the information) at the bigger credit agencies to make it more difficult for unknown criminals to misuse your identity.
- Please bear in mind, though, that in this case companies with which you wish to conduct business and set up contracts will also be informed by the credit agencies that you have been the victim of identity fraud. This can result in your own contracts being subjected to more rigorous controls. This may mean that additional documents or proof of identity are requested and the processing time is longer.
C. Phishing attempts
Phishing is when a third party uses fake websites, emails or text messages to impersonate trustworthy individuals, companies or organisations. The goal of the attacker in such cases is to obtain additional personal information or to infect your device with malware.
How should you respond?
- Always check the sender of the emails you receive by clicking on the sender's address. But please also note that even familiar sender addresses can be faked or used without permission by unauthorised people.
- Pay attention to spelling mistakes or other conspicuous details (e.g. no greeting, different language, supposed urgency), which usually indicate that it is a phishing mail.
- Do not open any attachments or links in suspicious emails. These can contain malware, which can damage your device or extract personal information such as bank account details from your device, which are then used for criminal activities.
- If you are unsure, use another mode of contact (e.g. phone) to ask if the email really is from the supposed sender.
Personal computers
................................................................................................................................................................................................
Based on the information available at this time, the risk to your personal computer is currently no greater than usual. This is also the case for devices that are or were connected to the university WLAN and/or which are/were used to access applications used at the university, such as MS Teams. In addition to the information about using your device, please also observe the security tips regarding phishing mails and fraud attempts. The HAW Hamburg ITSC offers the following security-related pointers for your personal computer/laptop:
1. Check your device and your removable storage devices with antivirus software
Check whether your device has been infected with malware. In addition to your device, you should also check the data on USB sticks and other removable storage devices you have used. Numerous antivirus programmes are available which can help identify whether your device or storage device has been compromised.
HAW Hamburg has a campus licence for the Sophos antivirus software. The campus licence allows all HAW Hamburg staff and students to use the Sophos software free of charge, both at the university and at home:
Information about installing the Sophos antivirus software.
A list of other virus scanners for different operating systems is provided here:
List of Windows antivirus programmes (Chip.de)
List of macOS antivirus programmes (Chip.de)
It is possible that you will receive a malware notification on your device when you check it. However, such notifications are not necessarily all linked to the cyber-attack on HAW Hamburg. Only specific notifications may be related to the malware used for the cyber-attack.
If the antivirus software cannot delete or neutralise the malware identified, please contact: ticket (at) haw-hamburg (dot) de
2. Change your passwords
Change your passwords for all programmes used internally at the university and use only secure passwords. Please make especially sure to change your password for MS Teams and avoid using passwords that you have already used. For guidance on choosing secure passwords, please see the information from the Federal Office for Information Security: Creating secure passwords
3. Use an up-to-date operating system and carry out the security updates
Carry out regular security updates for your computer's operating system. The big companies (Microsoft, Apple, Linus) provide monthly updates at set intervals which remedy security gaps in the systems without requiring that the device be reset. If you update your smartphone and computer regularly, they are protected against threats from the Internet and won't become infected with malware in the first place.
Once you have carried out these steps, you can work safely using your device.
As a general measure, HAW Hamburg's ITSC recommends implementing a further level of protection for using your computer or laptop:
- Create a backup of the data from your device using a USB stick or other removable storage device.
- Check the data on the external device using an antivirus scanner. You can follow the steps outlined above to do this.
- If your device has been infected with a virus and the antivirus programme cannot neutralised the malware it has detected, it is recommended that you reset the device. You can use the following guidelines to do so, regardless of which operating system you have:
Guidelines for Windows devices
Guidelines for Linux Ubuntu devices
You can find more information about using your computer safely on the Federal Office for Information Security website.
Centrally administered computers
................................................................................................................................................................................................
The ITSC has provided the following guidelines for the secure use of computers that are administered centrally by the ITSC:
1. Turn on your device and sign in locally.
2. Turn off the proxy setting on your device. (instructions in pictures)
- a. To do this, select the search function, which is located on the Start menu.
- b. Enter 'proxy' in the search field. The field 'Proxyeinstellungen ändern (Change proxy settings)' will appear.
- c. Select this field.
- d. Deactivate the options 'Einstellungen automatisch erkennen (Automatically recognise settings' and 'Proxyserver verwenden (Use proxy server)'.
3. Check your device using the Sophos virus scanner
A virus scanner from Sophos is installed on your device. Use this to scan your computer for malware. The Sophos virus scanner works with so-called virus signatures, which means that it contains a database with the fingerprints of all known viruses. It can therefore automatically recognise the virus signature of the malware used in the cyber-attack on HAW Hamburg.
Update from 27 January 2023: At the moment, Sophos cannot be updated or is not available on some computers. For this reason, USB sticks with the current version of Sophos will be distributed in the various departments and units at the university on 30 January 2023. On those computers labelled 'ITSC...-...-', the virus scan needs to be carried out by an ITSC staff member. Appointments are currently being organised. On all other computers, the user can carry out the scan using the USB stick.
4. If your device is infected with malware, please contact the ITSC
If the Sophos virus scanner notifies you that it has detected malware, please contact the ITSC at the following address: ticket (at) haw-hamburg (dot) de
After taking these steps, you can work safely with your device. You can use it securely with both the HAW Hamburg WLAN and your private WLAN.
Email data
................................................................................................................................................................................................
Thousands of passwords, user names and accounts are hacked each year. Social networks and entertainment sites are among the most common targets of phishing attempts. There are various online portals you can use to check whether your email address has been compromised. They compile information about known leaks and make it possible to search for email addresses. One of the most comprehensive services is Have I been Pwned?, which you can find at haveibeenpwned.com.
If you receive the notification 'Oh no – pwned', this means that the email address has been published in one or more leaks. Information about which leak this was is indicated on the website. In this case, what applies for everyone is even more important for you:
- Select a strong password.
- Use two-factor authentication whenever possible.
- Select the 'Subscribe to notification' option from haveibeenpwned.com.
The website outlines these points under '3 steps to better security'.
Contact people for questions regarding the security of your computer
................................................................................................................................................................................................
The Rechenzentrum Bergedorf can be contacted via this email address: rz (at) ls-haw-hamburg (dot) de
In the other faculties, please contact the person/unit that issued you the computer/device. If you are not able to identify a contact person via this route, you can send a mail to ticket (at) haw-hamburg (dot) de. Please be sure to indicate whether you are an employee as well as the department or administrative unit you work for.
Students and employees who are having problems with their private computer can also contact ticket (at) haw-hamburg (dot) de
Notifications
Information pursuant to article 34 of the GDPR regarding the security incident at the Hamburg University of Applied Sciences (HAW Hamburg) – 9 March 2023 Information pursuant to article 34 of the GDPR regarding the security incident at the Hamburg University of Applied Sciences (HAW Hamburg) – 6 Jan 2023Questions about myHAW
Change of address, semester ticket, certificates, etc.