Repeated from LITA listserv, sorry for cross-posting:

 

I got wind of this from our IT folks who saw the article. I couldn’t find much information on this besides the article, but we thought “better safe than sorry”.

 

In Elsevier’s AdminTool you can download a list of active accounts – minus staff, we had 35. You could then set up a mail merge in Word (using email) and send out personalized emails (instead of one general email to everybody on the list where they can all see each others’ details). This does take some time sending out individual emails from your Outlook. Your IT department may have better ways of doing this, especially for much larger lists.

 

I also used this as an opportunity to promote our computer science-related e-books to IT Security. We are putting a lot of money into Springer and Elsevier e-books, might as well get staff using them and maybe save a little money on their side.

 

Thanks,

 

Diane Westerfield, Electronic Resources & Serials Librarian

Tutt Library, Colorado College

diane.westerfield@coloradocollege.edu

(719) 389-6661

 

 

From: Serials in Libraries Discussion Forum [mailto:SERIALST@LISTSERV.NASIG.ORG] On Behalf Of Rodriguez, Michael
Sent: Thursday, March 21, 2019 2:26 PM
To: SERIALST@LISTSERV.NASIG.ORG
Subject: [SERIALST] Elsevier data exposure

 

This email originated outside Colorado College. Do not click links or attachments unless you know the content is safe.

 

“Education and Science Giant Elsevier Left Users’ Passwords Exposed Online.”

 

https://motherboard.vice.com/en_us/article/vbw8b9/elsevier-user-passwords-exposed-online

 

Looks like no institutional credentials were exposed, “only” the passwords and email addresses of individuals who set up personal accounts with Elsevier’s products. Nevertheless, this is a serious privacy and security breach.

 

Regards,

 

Michael Rodriguez

Vice President, ACRL New England Chapter

Licensing & Acquisitions Librarian

University of Connecticut

369 Fairfield Way U-1005B | Storrs, CT 06269

michael.a.rodriguez@uconn.edu | 860-486-9325

 

 

To unsubscribe from the SERIALST list, click the following link:
http://listserv.nasig.org/scripts/wa-NASIG.exe?SUBED1=SERIALST&A=1


To unsubscribe from the SERIALST list, click the following link:
http://listserv.nasig.org/scripts/wa-NASIG.exe?SUBED1=SERIALST&A=1