Time to change your passwords for a bunch of Internet services: Uber, Yelp, Betterment, 23andMe, and more.
Between 9-22-2016 and 2-18-2017, passwords, private messages, API keys, and other sensitive data were leaked by Cloudflare who provides services to many of these sites.
This data leak doesn't directly affect UCSC accounts, but it does impact those people who re-use their UCSC Gold or Blue passwords outside of UCSC. More details about the data leak.
What to do?
If you re-use your UCSC Blue or Gold passwords outside of UCSC, please change your password(s) through CruzID Manager at https://cruzid.ucsc.edu/. DO NOT re-use these Blue and Gold passwords for non-UCSC services!
Advice for the UCSC community from ITS security experts:
- Best practice is to have a strong password for each of your accounts and NEVER re-use them! Use Strong Passwords
- Passwords can be securely stored using a variety of free and low-cost encryption tools designed to manage passwords, including Mac OS keychain, LastPass, 1password, Password Wallet, and Password Safe.
- Use two-factor authentication wherever you can, including Google's two-step authentication.
- Manage/change your UCSC passwords at: https://cruzid.ucsc.edu/
If you need help changing your password, please contact the ITS Support Center.