On a regular basis, account providers are hacked and their customer data is stolen and put up for sale on the dark web in large data dumps. Usernames and passwords are often included in the information. As over 30% of users reuse passwords and usernames, once a hacker has that information they can access several accounts. As part of our ongoing efforts to keep Mount Royal’s data safe, we subscribe to a service that lets us know if any @mtroyal.ca email addresses appear in these lists. If an account provider gets hacked and a user used an @mtroyal.ca email address as a username, we get notified about the breach. This happens about 3.8 times a month. We then force a password change on the account to ensure it stays secure.
Where things get uncomfortable is when users decide to use their @mtroyal.ca email address for personal accounts. Many account providers who deliver special interest content do not have the best security practices and are often hacked. We really don’t want to know that you belong to the Jelly of the Month Club or you are a member of Poniverse (those are the G-rated ones). Please save us and yourselves the embarrassment. Use your @mtroyal.ca account for business purposes only.