August 8, 2018
This past week we have received a few emails from
users of the BYU corpora. These users have received threatening messages that
refer to the email and password for their BYU corpus account, e.g.:
It appears to be that (yourBYUPassword)
is your password. May very well not know me and you are probably wondering why
you're getting this e-mail, right?
in fact, I setup a spyware on the . . . website and you know
what, you visited this site to have fun (you really know what What i'm saying
. . . (threats) . . . (threats) . . .
See similar emails for other websites
Apparently, these messages result from data that
was exposed to hackers during a data breach at this site in February
2017. All users were notified of the data breach at the time it occurred, and we have instituted a number of security updates
for this site, which should prevent anything like this from ever happening again.
The email and its threats mean nothing. It's all
made up. All the hackers have is your email address and your password (from Feb
2017), and hopefully you changed that long ago (as suggested in the email to all
users of the corpora in Feb 2017,
and in many notifications since then). Don't worry about their threats
to email others with your personal information -- they don't have any other
email addresses related to you, other than your own.
If you have reason to believe that there has been another, more recent
security breach (involving data that could not have been obtained in Feb 2017),
please let us know as soon as possible. Otherwise,
you can safely assume that this annoying email is just a lingering
effect of the data breach from nearly two years ago.