Information about the cyberattack

The university uses the Mainz Campus2Go app as its central internal communication channel to provide all updates in a transparent, consolidated, and readily accessible manner at all times. In addition, the University Executive Board reserves the right to convene a general assembly if necessary.

Students automatically receive the app on their smartphones upon enrolment. Staff members and teaching personnel who do not yet use the app can download it free of charge from the app stores.

Download links:

Google Play Store
https://lnkd.in/ejYvdwfR

Apple App Store
https://lnkd.in/eC-y3_9w

Please enable notifications (push notifications) in the app to ensure you receive important information in a timely manner.

At this time, no statement can yet be made on this matter.

The most important services — Campus Management, email, Seafile, OLAT, and Zoom — are accessible again.

Yes, shorter and resolvable outages of media and tools such as the university website or the telephone system may occur in the coming days, as these are integrated into the affected systems.

The hotline set up by Mainz University of Applied Sciences to handle questions related to the cyberattack ceased operations on Thursday, 11 December 2025, at 12:00 noon.

From that point onward, inquiries should once again be directed directly to the responsible departments (for example, the relevant Examinations Office, the Student Services Office, or the Human Resources Department).

The usual contact persons are once again reachable by phone during standard opening hours.

Important information, such as dates for password distribution or the restoration of Wi-Fi at the university locations, will continue to be communicated via the Campus2Go app.

The Helpdesk is currently not yet able to provide full technical support. However, the Helpdesk phone number (06131/628-6363) is supported by volunteers from among the staff Monday to Friday from 9:00 to 16:00, and on Thursdays until 18:00. They can answer many questions and record others so they can be processed as quickly as possible.

The hotline, which was set up at short notice, handled the most urgent inquiries at the beginning of this exceptional situation, searched for answers, and advised and supported students, teaching staff, and employees in dealing with uncertainties and organisational challenges.

It may still take some time until all university staff members are once again reliably reachable by email across all areas. Please primarily contact the relevant departmental contacts by telephone (for example, the responsible Examinations Office, the International Office, or the Human Resources Department).

Telephone numbers and office hours can usually be found on the respective department’s website at hs-mainz.de.

If you would like to contact a specific person, you can find their contact details in the staff directory on the university website.

Several deceptively authentic phishing emails are currently in circulation, for example claiming that certain emails could not be delivered. The senders appear to be supposed support service providers that are not affiliated with the university.

A typical feature is a link to a fake Shibboleth login page. You can recognise that it is not the legitimate page by the following indicators:

• The interface language is set to English.
• The browser address bar does not contain any reference to “hs-mainz.de.”
• You may see a warning triangle in the browser address bar, indicating an insecure connection.

Important: Do not enter any login credentials on such pages. Mark these emails as spam and delete them. Please also inform colleagues.

If you clicked the link and entered your login credentials:
Please visit the password distribution desk in the Aula (see the FAQ “How and where can I obtain a new password?”) to change your password. At least 24 hours must pass between the first password change and the subsequent change.

If you only clicked the link but did not enter any data, there is no risk.

Discuss with your supervisor which activities can currently be carried out under the given restrictions (e.g., without access to e-mail).

If your supervisor concludes that no meaningful activities can currently be carried out, you should reduce overtime hours within the scope of possibilities.

Supervisors must actively maintain contact with their employees. It must be ensured that all areas of the organization are continuously reachable, even if the usual communication channels are disrupted. When deciding on the assignment of tasks, supervisors should check whether employees can take on tasks that support other organizational units of the University for Applied Sciences.

Basically yes. Please coordinate this with your supervisors.

Time tracking is still possible using the on-site devices. If you are working from home, please record your working hours after prior agreement with your supervisor and enter them retrospectively once the time tracking system is available again. As a precaution, we recommend additionally documenting your working hours even when using the on-site devices.

Yes, teaching continues to take place in person as usual.

If any in-person classes or teaching activities need to be cancelled, this will be communicated via on-site notices and, in exceptional cases, also through the Campus2Go app.

The university is regularly closed from 24 December 2025 through 3 January 2026 (inclusive).

It must be assumed that all university-owned Windows devices operated by the ZIK may be affected.

• These devices may now only be used in offline mode — both on and off campus.
• A regulation regarding the submission of Windows devices for staff was communicated in Update 11 via Campus2Go.
• Please do not copy any data to network drives, external hard drives, or USB sticks.
• The devices must be submitted to the ZIK. Please coordinate this with your supervisor or faculty management. Submission is still possible until 22 December 2025, prior to the Christmas break.
• The ZIK will inspect the devices; the data stored on them will be backed up and not deleted.
• According to current information, self-managed Windows and macOS devices are not affected.

• According to current information, self-managed Windows and macOS devices are not affected.
• University-owned Windows devices may be affected and therefore may only be used offline (!) — including no LAN connection.

This is currently being investigated.

According to current information, uploading documents to cloud solutions is considered safe — even from affected devices. The exchange of data via USB sticks remains strictly prohibited. To date, there is no indication that the malware spreads to other devices within the same (e.g. private) network.

The ZIK is currently restoring the infrastructure step by step to enable central units, administration, and faculties to become operational again.

The most important services — Campus Management, email, Seafile, OLAT, and Zoom — are accessible again.

It can be assumed that passwords that you entered or saved on affected devices administered by the ZIK have been leaked. The attackers had access using remote maintenance software and a keylogger. Please change all private and professional passwords that you used on these devices as a precaution.

For self-administered devices, the university recommends the analysis software Malwarebytes to identify problems.

A password change is mandatory in order to use the restored services.

Since 5 December 2025, new passwords have been issued to staff members, lecturers, and adjunct faculty.

Appointments at the Campus, Holzstraße, and Wallstraße locations are announced via the Mainz Campus2Go app.

Initial passwords must be changed to a personal password on site.
Please do not contact the ZIK Helpdesk regarding this matter.

According to current knowledge, the data is safe. We are not currently assuming data loss.

This is currently being checked.

Seien Sie wachsam gegenüber möglichen Trittbrettfahrern, die versuchen könnten, aus der Situation Profit zu schlagen (z. B. Angebote zum Rückkauf angeblich abgeflossener Daten).
Gehen Sie nicht auf Forderungen ein, öffnen Sie keine Anhänge oder Links.

Kontaktieren Sie stattdessen umgehend das helpdesk

Several deceptively authentic phishing emails are currently in circulation, for example claiming that certain emails could not be delivered. The senders appear to be supposed support service providers that are not affiliated with the university.

A typical feature is a link to a fake Shibboleth login page. You can identify that it is not the legitimate page by the following signs:

• The interface language is set to English.
• The browser address bar does not contain any reference to “hs-mainz.de.”
• You may see a warning triangle in the browser address bar, indicating an insecure connection.

Important: Do not enter any login credentials on such pages. Mark the emails as spam and delete them. Please also inform colleagues.

If you clicked the link and entered your login credentials:
Please visit the password distribution desk in the Aula (see the FAQ “How and where can I obtain a new password?”) to change your password. At least 24 hours must pass between the first password change and the subsequent change.

If you only clicked the link but did not enter any data, there is no risk.

Yes, the library is open:

Monday–Wednesday | 09:00–16:00
Thursday | 09:00–18:00
Friday | 09:00–16:00

From 23 December at 4:00 p.m. until the end of the Christmas closure period, the library will be closed.

It will reopen on Monday, 5 January 2026.

The OPAC catalogue search and the renewal of library items are available.
Borrowing and returning items on site also function as usual.

Please note that access to electronic resources (e.g. databases, e-books) is currently not available.

Students and staff of Mainz University of Applied Sciences can access the content of the Springer Link platform via the library — even without using a VPN connection.

To activate access, simply send an email from your university email address to:
Ivana.Teronic.Oruc@hs-mainz.de

Once access has been activated, you will be able to use the Springer Link content.

For all further questions, please contact the library team directly:
+49 6131 628-6220