Skip to main content
    Are Your Student's University Email and Files Safe? What College Families Need to Know
    Cybersecurity
    2 min read

    Are Your Student's University Email and Files Safe? What College Families Need to Know

    Hackers targeted email systems at U.S. and Canadian universities to steal passwords and spy on researchers. Students and faculty may be affected.

    Source

    BleepingComputer

    Original headline: Hackers exploit Roundcube flaw to spy on academic researchers

    Plain-English summary by GetCyberRight. Read the full report at the source above.

    Published Wednesday, July 8, 2026Updated Thursday, July 9, 20262 min read
    Share:

    Cybercriminals have been breaking into email systems used by universities across the United States and Canada. They exploited a security flaw in Roundcube, an email program that many colleges use. The hackers specifically targeted academic researchers, stealing their login credentials and installing secret spying software on the university servers.

    This affects students, faculty, and staff at universities that use Roundcube for email. If your student attends a U.S. or Canadian university, their email account could potentially be compromised. The attackers can read emails, steal passwords, and access any files or research stored in university accounts.

    Stay one step ahead of scammers

    Weekly cybersecurity briefings for families. No spam, just the threats that matter and what to do about them.

    Anyone who uses their university email for personal matters, like password resets for other accounts, faces additional risk. If you or your college student use university email, take these steps right away.

    1. Change your university email password immediately through your school's official portal.
    2. Enable two-factor authentication on your university account if it is available. Contact your school's IT help desk if you need assistance.
    3. Change passwords on any other accounts where you used the same password as your university email.
    4. Watch for suspicious emails that appear to come from your university, especially ones asking you to click links or provide login information. Beyond this immediate threat, make sure your student understands basic email safety. Never reuse passwords across multiple accounts, especially for important services like email, banking, or social media. Use a password manager to create and store unique passwords for every account. Be suspicious of any email asking you to click a link or download an attachment, even if it appears to come from the university. When in doubt, contact the IT department directly using a phone number from the official university website, not from the email itself.

    Protect Yourself

    Use our Cyber Threat Radar to check if you're affected and take action.

    Found this useful?

    Share it with someone who could use a heads-up.

    Share:

    Curated from trusted cybersecurity sources by GetCyberRight

    Source: BleepingComputer

    Discussion

    0

    Sign in to join the discussion.

    Stay ahead of cyber threats

    Get our free weekly digest. Real threats, plain language, what to do about them. No spam, ever.