General information and notifications
(Updated: 23 March 2023) Password reset necessary following synchronisation of MS Office accounts!
................................................................................................................................................................................................
Due to synchronisation requirements, HAW Hamburg employees will receive a notification as of Thursday, 23 March that their current password for MS Teams and MS Office 365 is no longer valid. You can reset the password very easily by signing in to office.com with your new Microsoft account and clicking 'Forget password'. Using two-step verification, you can then enter a new password and continue using MS Office and other services that are already functioning with the new HAW user ID.
We recommend that you do not choose a new password for this reset and instead use the password you were given a few weeks ago in order to ensure that other programmes and services such as Übergangsmoodle or the Adobe licences continue to function. For subsequent resets it will no longer be possible to use the same password again.
The synchronisation is intended to make it possible to use other central tools and IT services at HAW Hamburg with a so-called single-sign-on process using the HAW user ID and password. These include library services from individual publishers and video conferencing systems such as Zoom.
Please note that the synchronisation will initially only be carried out for employees in order to avoid overloading the servers. We will provide information here when the synchronisation of student accounts takes place.
(20 March 2023, 12:00 pm) Automatic forwarding to external email addresses not possible at the current time
................................................................................................................................................................................................
Please note that automatic forwarding to an external email address is not functioning at the moment. When forwarding is activated, it is not possible to receive any mails. The ITSC is currently working on a solution.
(Updated: 16 March 2023, 5:00 pm) Microsoft Office 365 and new HAW account: Password distribution for two-step verification
................................................................................................................................................................................................
Students and employees can now sign in with their new user ID and password and set up two-step verification at www.office.com. The new HAW account (w...123@haw-hamburg.de) also works for various other online services: Übergangsmoodle, myHAW (for students) and the Adobe licence.
(16 March 2023, 5:00 pm) First-semester students in the Faculty of Engineering and Computer Science, the Faculty of Business and Social Sciences (Berliner Tor Campus) and the Faculty of Design, Media and Information (Hamburg Art and Media Campus) can pick up their user ID and login information from 13 March 2023 at the Chip Card Services Office in the building at Stiftstraße 69. Opening hours: Mon–Thurs, 9:00 am–12:30 pm and 1:00 pm–4:00 pm; Fri, 9:00 am–12:30 pm and 1:00 pm–2:00 pm.
First-semester students in the Faculty of Life Sciences (Bergedorf Campus) can pick up their login information at the Faculty Service Office (Ulmenliet 20, rooms 0.12–0.14) during opening hours: Tues–Thurs, 10:00 am–12:00 pm.
Please note that at the moment, only those first-semester students who enrolled by 8 March 2023 are being issued a HAW account (w..123@haw-hamburg.de). Additional accounts will be created successively on a weekly basis.
(Updated: 15 March 2023) Accessing myHAW and the code for the energy-costs subsidy for students
................................................................................................................................................................................................
Students can now use their new HAW user ID (w...123@haw-hamburg.de) to sign into myHAW via myhaw.haw.tuhh.de and obtain the access code for the energy-costs subsidy.
On the myHAW home page you will see a red button that says 'Login für Studierende' Please use this. You can sign in there with your new HAW user ID. Please note that the servers are not set up to allow all students to access the system at the same time, so there may be delays when you log in.
Detailed information about the energy-costs subsidy is available here.
Those students entitled to receive the payment who have set up their BundID account with a user name, password and email address but without the ELSTER certificate or an electronic personal ID also require a PIN to apply for the energy-costs subsidy. This will be sent to all eligible students by post beginning on 15 March 2023.
Limited use of myHAW
In addition to the access code for the energy-costs subsidy, you can also find your enrolment and BAföG (student financial aid) certificates on myHAW. It is also possible to change your address and submit leave and deregistration requests.
It is not currently possible to view your grades or to register for courses via myHAW.
If you have only recently applied and do not yet have a HAW account, please continue to use the button at the top right side of the web page – for example, to download your letter of acceptance. Please note that you need to be enrolled as a student in order to download certificates and applications following login to your HAW account. First-semester students are not entitled to receive the energy-costs subsidy.
In some cases you may not yet be able to sign in using the new HAW account. We will provide information here soon about who to contact if this occurs.
(Updated: 9 March 2023, 4:00 pm) Current information about leaked data
................................................................................................................................................................................................
Following the cyber-attack on HAW Hamburg at the end of December 2022, which saw hackers access the university’s internal IT systems and download data, some of that data has now been published on the darknet (on 5 March 2023).
The data is currently being analysed in order to determine which personal information has been stolen and published. In accordance with the information provided by us on 9 March 2023 pursuant to article 34 of the GDPR, you will be personally notified by post if an analysis of the data indicates a high risk to your personal rights and freedoms. If you do not receive notification in the coming weeks, you can assume that you have not been impacted. We will also provide information here once the notification process is complete so that this is also clear to you.
Please note that at the moment we cannot provide individual answers to what is likely your most pressing question: Have I been impacted? The employees who are carrying out the analysis have also been instructed not to provide individual information. The detailed analysis of the data will take some time due to the number of files, but it will definitely be carried out as quickly as possible.
In order to protect the data on your work computer, two-step verification was implemented at the end of February. To protect the data on your private laptop and smartphone, IT security guidelines were published on the HAW Hamburg website. These continue to apply.
More information will be provided on this page as soon as additional details about the data leak are available.
You can find additional information in our FAQs about the data leak.
(Updated: 8 March 2023, 1:00 pm) Open office hours for help with 'Übergangsmoodle' virtual learning environment
................................................................................................................................................................................................
Together with the ITSC, the staff of the KOMWEID project have built a new virtual learning environment (Übergangsmoodle), which will be online as of Monday, 6 March at 12:00 pm: moodle.haw-hamburg.de. After this time, instructors can upload their course materials to the new platform. The link to the contact people will also be activated as of 12:00 pm on 6 March.
Students will receive the enrolment code for their courses from their instructors at the beginning of the semester.
Office hours for instructors and students
The e-learning advisors and the KOMWEID team are offering open office hours for instructors and students who have questions about Übergangsmoodle:
27 March 2023 1:00 pm–2:00 pm
29 March 2023 5:00 pm–6:00 pm
31 March 2023 10:00 am–11:00 am
The office hours are being held in the 'Übergangsmoodle' MS Teams room.
Registration and course enrolment
Those who already have their new HAW user ID (w...123@haw-hamburg.de) need to click on 'Login' in the top right corner and then select Microsoft-Login on the subsequent page. Once you have signed in using two-step verification, which you are already familiar with from Office 365, a user account will automatically be set up in Übergangsmoodle. For each course, an empty course room will then be set up. All professors and instructors with a valid HAW Hamburg email address will be sent the login information and the corresponding enrolment codes for their courses via email.
Individuals without a HAW user ID can apply to their e-learning advisor to have an account and/or course room set up.
The e-learning advisors will also provide support if you have not received a mail with login information for course rooms by Monday, 6 March 2023 or if you would like to register a new course. In future you can apply to set up courses retroactively via an order button on the new platform. Please contact your e-learning advisor to do this until the function has been activated.
Course backups from EMIL
If you have saved course backups from EMIL locally, please note that you are NOT permitted to import these into Übergangsmoodle! The question of whether course materials from EMIL will be restored and imported into Übergangsmoodle is still under discussion. It is not expected that this will take place in the near future.
Backing up data in the new learning environment
The new platform allows instructors to independently back up courses and/or their content (automatic backups will also take place regardless). The backup files can be downloaded and stored locally and then uploaded to other, future courses or other Moodle platforms.
Who should I contact if I have questions?
Your e-learning advisor is available to assist you. Übergangsmoodle is being managed by Alexander Brehm and Nils Promer (KOMWEID).
What happened during the cyber-attack?
................................................................................................................................................................................................
At the end of December, the information and communications infrastructure at HAW Hamburg was targeted by hackers. This was determined on 29 December 2022. Based on what we know to date, the hackers used decentralised IT systems to manually work their way into HAW Hamburg's central IT and security systems via the network. Using this path, they also obtained the administrative rights for the central storage systems and compromised the central data storage. They then used the administrative rights to begin encrypting various virtualised platforms and deleting stored backups.
HAW Hamburg has filed a complaint with the cyber-crime division of the Landeskriminalamt. The Hamburg commissioner for data protection and freedom of information has been notified in compliance with article 33 of the General Data Protection Regulation, as has CERTnord, and the information about those impacted was published on 6 January 2023.
Upon the publication of personal information on the so-called darknet on 5 March 2023, those impacted were again informed pursuant to article 34 of the GDPR. Individuals will be personally notified by post if an analysis of the data indicates a high risk to their personal rights and freedoms.
IT updates
(Updated: 15 March 2023) myHAW now available again with limited functions
................................................................................................................................................................................................
Students can now use their new HAW account (w...123@haw-hamburg.de) to sign into myHAW via myhaw.haw.tuhh.de.
In addition to the access code for the energy-costs subsidy, you can also find your enrolment and BAföG (student financial aid) certificates on myHAW. It is also possible to change your address and submit leave and deregistration requests.
It is not currently possible to view your grades or to register for courses via myHAW.
If you have only recently applied and do not yet have a HAW account, please continue to use the button at the top right side of the web page – for example, to download your letter of acceptance. Please note that you need to be enrolled as a student in order to download certificates and applications following login to your HAW account.
(Updated: 6 March 2023) Temporary Moodle platform is now available
................................................................................................................................................................................................
Together with the ITSC, the staff of the KOMWEID project have built a new virtual learning environment (Übergangsmoodle), which has been online since 6 March: moodle.haw-hamburg.de.
Instructors can upload their course materials to the new platform.
Students will receive the enrolment codes for their courses from their instructors at the beginning of the semester.
(Updated: 1 March 2023) Using Adobe products
................................................................................................................................................................................................
The new installation of Microsoft 365 has also changed the verification process for Adobe products. HAW Hamburg employees can now use the same login information for Adobe as for Microsoft 365 (w...123@haw-hamburg.de, the new password and two-step verification).
Students who use Adobe products through the HAW Hamburg network also need to use their new user ID to log in.
(Updated: 20 February 2023) New installation of MS Teams and Office 365: New user IT and two-step verification
................................................................................................................................................................................................
Students and employees can now sign in with their new user ID and password and set up two-step verification at www.office.com. The new HAW account (w...123@haw-hamburg.de) also works for various other online services: Übergangsmoodle, myHAW (for students) and the Adobe licence.
Information about the new HAW account and two-step verification
(Updated: 19 January 2023, 3:00 pm) Network printers
................................................................................................................................................................................................
All of the multifunctional printers have been checked by the manufacturer for malware. It is now possible to copy and to print documents by putting them on a USB stick and connecting this to the printer. The printers will remain disconnected from the network.
(Updated: 13 January 2023, 11:00 am) WLAN at the university
................................................................................................................................................................................................
The WLAN network is now available again and is functioning properly across the entire university.
Because the identity management system has not yet been rebuilt, a QR code that can be used to log in is posted at the university.
Please note: Even with access to the WLAN network, it is still not possible to access the HAW Hamburg server. The university is simply providing Internet access.
(Updated: 10 January 2023, 2:00 pm) Landlines
................................................................................................................................................................................................
The landlines at HAW Hamburg are now working again. You can receive and make calls both within the university and externally. However, because the configuration servers that control the telephones are currently not available, it is not possible to change the settings at the moment.
IT security information
Personal computers
................................................................................................................................................................................................
Based on the information available at this time, the risk to your personal computer is currently no greater than usual. This is also the case for devices that are or were connected to the university WLAN and/or which are/were used to access applications used at the university, such as MS Teams. In addition to the information about using your device, please also observe the security tips regarding phishing mails and fraud attempts. The HAW Hamburg ITSC offers the following security-related pointers for your personal computer/laptop:
1. Check your device and your removable storage devices with antivirus software
Check whether your device has been infected with malware. In addition to your device, you should also check the data on USB sticks and other removable storage devices you have used. Numerous antivirus programmes are available which can help identify whether your device or storage device has been compromised.
HAW Hamburg has a campus licence for the Sophos antivirus software. The campus licence allows all HAW Hamburg staff and students to use the Sophos software free of charge, both at the university and at home:
Information about installing the Sophos antivirus software.
A list of other virus scanners for different operating systems is provided here:
List of Windows antivirus programmes (Chip.de)
List of macOS antivirus programmes (Chip.de)
It is possible that you will receive a malware notification on your device when you check it. However, such notifications are not necessarily all linked to the cyber-attack on HAW Hamburg. Only specific notifications may be related to the malware used for the cyber-attack.
If the antivirus software cannot delete or neutralise the malware identified, please contact: ticket (at) haw-hamburg (dot) de
2. Change your passwords
Change your passwords for all programmes used internally at the university and use only secure passwords. Please make especially sure to change your password for MS Teams and avoid using passwords that you have already used. For guidance on choosing secure passwords, please see the information from the Federal Office for Information Security: Creating secure passwords
3. Use an up-to-date operating system and carry out the security updates
Carry out regular security updates for your computer's operating system. The big companies (Microsoft, Apple, Linus) provide monthly updates at set intervals which remedy security gaps in the systems without requiring that the device be reset. If you update your smartphone and computer regularly, they are protected against threats from the Internet and won't become infected with malware in the first place.
Once you have carried out these steps, you can work safely using your device.
As a general measure, HAW Hamburg's ITSC recommends implementing a further level of protection for using your computer or laptop:
- Create a backup of the data from your device using a USB stick or other removable storage device.
- Check the data on the external device using an antivirus scanner. You can follow the steps outlined above to do this.
- If your device has been infected with a virus and the antivirus programme cannot neutralised the malware it has detected, it is recommended that you reset the device. You can use the following guidelines to do so, regardless of which operating system you have:
Guidelines for Windows devices
Guidelines for Linux Ubuntu devices
You can find more information about using your computer safely on the Federal Office for Information Security website.
Centrally administered computers
................................................................................................................................................................................................
The ITSC has provided the following guidelines for the secure use of computers that are administered centrally by the ITSC:
1. Turn on your device and sign in locally.
2. Turn off the proxy setting on your device. (instructions in pictures)
- a. To do this, select the search function, which is located on the Start menu.
- b. Enter 'proxy' in the search field. The field 'Proxyeinstellungen ändern (Change proxy settings)' will appear.
- c. Select this field.
- d. Deactivate the options 'Einstellungen automatisch erkennen (Automatically recognise settings' and 'Proxyserver verwenden (Use proxy server)'.
3. Check your device using the Sophos virus scanner
A virus scanner from Sophos is installed on your device. Use this to scan your computer for malware. The Sophos virus scanner works with so-called virus signatures, which means that it contains a database with the fingerprints of all known viruses. It can therefore automatically recognise the virus signature of the malware used in the cyber-attack on HAW Hamburg.
Update from 27 January 2023: At the moment, Sophos cannot be updated or is not available on some computers. For this reason, USB sticks with the current version of Sophos will be distributed in the various departments and units at the university on 30 January 2023. On those computers labelled 'ITSC...-...-', the virus scan needs to be carried out by an ITSC staff member. Appointments are currently being organised. On all other computers, the user can carry out the scan using the USB stick.
4. If your device is infected with malware, please contact the ITSC
If the Sophos virus scanner notifies you that it has detected malware, please contact the ITSC at the following address: ticket (at) haw-hamburg (dot) de
After taking these steps, you can work safely with your device. You can use it securely with both the HAW Hamburg WLAN and your private WLAN.
Phishing mails and fraud attempts following the IT security incident
................................................................................................................................................................................................
When they hacked the HAW Hamburg IT infrastructure, the hackers had access to the university's central IT systems. Based on the information currently available, it must be assumed that data were stolen during the attack on these systems. (Please see the information provided on 9 March 2023 pursuant to article 34 of the GDPR.) Among other things, criminals use such stolen data for fraudulent activities such as phishing mails and Internet purchases with false identities.
This means that increased caution with suspicious emails or account activity in online shops is called for. We especially ask that you observe the following guidelines:
- Do not open attachments or links in suspicious mails. These attachments and links can contain malware, which can damage your device or be used to steal personal information – for example, account information – which can then be used for criminal activities.
- Do not answer these mails. This applies especially to mails that ask you to carry out unusual activities such as making money transfers to alternative accounts or giving out PINS or passwords.
Login attempts on Amazon and eBay
The ITSC has received several reports from students about login attempts by unauthorised third parties on Internet sites such as Amazon and eBay. After reviewing all the reports to date and taking into account the tactics previously used by the hacker group, it is possible to conclude that these login attempts are not linked to the security incident at HAW Hamburg or the hacker group.
Fraud attempts via SMS
The ITSC has also received numerous reports of attempted fraud via SMS. These messages ask the recipient to open a fraudulent webpage (phishing page) under the pretext of an Apple Pay connection or a suspicious payment. On this page, they are asked to enter online banking information, bank card information and other personal information. Such SMS messages are a well-known scam and are not linked to the security incident at HAW Hamburg or the same criminal group. Nevertheless, the ITSC strongly warns against entering information on such phishing pages.
WhatsApp (grand)child trick
Fraudulent activities via the WhatsApp messenger service have also been reported. In this case, the individuals claim that they are the recipients' (grand)children and say that they have a new phone number because the old smartphone has been broken or lost. This scam is also a well-known tactic of fraudsters. It is not connected with the security incident at HAW Hamburg or the same group of criminals.
Email data
................................................................................................................................................................................................
Thousands of passwords, user names and accounts are hacked each year. Social networks and entertainment sites are among the most common targets of phishing attempts. There are various online portals you can use to check whether your email address has been compromised. They compile information about known leaks and make it possible to search for email addresses. One of the most comprehensive services is Have I been Pwned?, which you can find at haveibeenpwned.com.
If you receive the notification 'Oh no – pwned', this means that the email address has been published in one or more leaks. Information about which leak this was is indicated on the website. In this case, what applies for everyone is even more important for you:
- Select a strong password.
- Use two-factor authentication whenever possible.
- Select the 'Subscribe to notification' option from haveibeenpwned.com.
The website outlines these points under '3 steps to better security'.
Contact people for questions regarding the security of your computer
................................................................................................................................................................................................
The Rechenzentrum Bergedorf can be contacted via this email address: rz (at) ls-haw-hamburg (dot) de
In the other faculties, please contact the person/unit that issued you the computer/device. If you are not able to identify a contact person via this route, you can send a mail to ticket (at) haw-hamburg (dot) de. Please be sure to indicate whether you are an employee as well as the department or administrative unit you work for.
Students and employees who are having problems with their private computer can also contact ticket (at) haw-hamburg (dot) de
Notifications
Information pursuant to article 34 of the GDPR regarding the security incident at the Hamburg University of Applied Sciences (HAW Hamburg) – 9 March 2023 Information pursuant to article 34 of the GDPR regarding the security incident at the Hamburg University of Applied Sciences (HAW Hamburg) – 6 Jan 2023Questions about myHAW
Change of address, semester ticket, certificates, etc.
Data protection
datenschutz (at) mmkh (dot) de
The Multimediakontor Hamburg responds to inquiries in cooperation with HAW Hamburg.