August 8, 2018

This past week we have received a few emails from users of the BYU corpora. These users have received threatening messages that refer to the email and password for their BYU corpus account, e.g.:

It appears to be that (yourBYUPassword) is your password. May very well not know me and you are probably wondering why you're getting this e-mail, right?

in fact, I setup a spyware on the . . . website and you know what, you visited this site to have fun (you really know what What i'm saying is).

. . . (threats) . . . (threats) . . .

See similar emails for other websites

Apparently, these messages result from data that was exposed to hackers during a data breach at this site in February 2017. All users were notified of the data breach at the time it occurred, and we have instituted a number of security updates for this site, which should prevent anything like this from ever happening again.

The email and its threats mean nothing. It's all made up. All the hackers have is your email address and your password (from Feb 2017), and hopefully you changed that long ago (as suggested in the email to all users of the corpora in Feb 2017, and in many notifications since then). Don't worry about their threats to email others with your personal information -- they don't have any other email addresses related to you, other than your own.

If you have reason to believe that there has been another, more recent security breach (involving data that could not have been obtained in Feb 2017), please let us know as soon as possible. Otherwise, you can safely assume that this annoying email is just a lingering effect of the data breach from nearly two years ago.

Mark Davies
BYU corpora