Information about the cyberattack

The university uses the Mainz Campus2Go app as its central internal communication channel to provide all updates in a transparent, consolidated, and readily accessible manner at all times. In addition, the University Executive Board reserves the right to convene a general assembly if necessary.

Students automatically receive the app on their smartphones upon enrolment. Staff members and teaching personnel who do not yet use the app can download it free of charge from the app stores.

Download links:

Google Play Store
https://lnkd.in/ejYvdwfR

Apple App Store
https://lnkd.in/eC-y3_9w

Please enable notifications (push notifications) in the app to ensure you receive important information in a timely manner.

At this time, no statement can yet be made on this matter.

The most important services — Campus Management, email, Seafile, OLAT, and Zoom — are accessible again.

As the departments are once again reachable by telephone and email, students should clarify organisational questions related to their studies directly with the relevant departments, for example the responsible Examinations Office or the Student Services Office. Likewise, staff members should address organisational questions related to their daily work directly to the responsible department, such as the Human Resources Department.

The hotline set up by Mainz University of Applied Sciences to handle questions related to the cyberattack was discontinued in December.

The Helpdesk is currently not yet able to provide full technical support. However, the Helpdesk phone number (06131/628-6363) is supported by volunteers from among the staff Monday to Friday from 9:00 to 16:00, and on Thursdays until 18:00. They can answer many questions and otherwise record them so they can be processed as quickly as possible.

The university continues to use the Mainz Campus2Go app as its central internal communication channel to provide all updates in a transparent, consolidated, and easily accessible manner at all times.

A large number of staff members are once again reachable by email. However, it may still take some time until all university staff members are reliably reachable by email across all areas.

If you do not receive a response to an email, please try to contact the relevant person by telephone. Phone numbers and office hours can usually be found on the respective department’s website at hs-mainz.de.

If you would like to contact a specific person, you can find their contact details in the staff directory on the university website.

Please discuss with your supervisor which tasks can currently be carried out under the given restrictions or how your working hours should be handled.

Supervisors must actively maintain contact with their employees. It must be ensured that all areas of the organisation remain continuously reachable. When deciding on the assignment of tasks, supervisors should assess whether employees can take on duties that support other organisational units of the university.

In principle, yes. Wi-Fi via Eduroam is available again on campus using an Easyroam certificate. Wi-Fi access will also gradually be restored at the Holzstraße and Wallstraße locations.

Please coordinate with your supervisor whether you should work on site or from home.

• If you are ill, inform your direct supervisor.
• Then inform Dagmar Kumpf in the Human Resources Department by phone: +49 6131 628-5311.
• After that, send an email to the Human Resources Department: arbeitszeitkonto@hs-mainz.de.
• Once the time tracking system is operational again, enter your sick days retrospectively.

• Please coordinate flex days or vacation with your direct supervisor.
• Then send an email to the Human Resources Department (arbeitszeitkonto@hs-mainz.de).
• Once the time tracking system is operational again, enter the vacation days or flex days taken in the meantime retrospectively.

At the university locations, working hours must be recorded via the terminals. The booking will only be processed once the IntraKey application is back online.

If you are working from home by agreement with your supervisor, please record your working hours and enter them retrospectively once the IntraKey time tracking system is operational again.

Important: Please make sure to document your working hours — regardless of how you are currently recording them offline.

Yes, teaching continues to take place in person as usual.

If any in-person classes or teaching activities need to be cancelled, this will be communicated via on-site notices and, in exceptional cases, also through the Campus2Go app.

All university-owned Windows devices operated by the ZIK may only be used offline — both on and off campus.

If you have not yet submitted your Windows device, you can obtain the required form at the library. Please complete the form there and then hand in the device at the library. The device will be collected by the Helpdesk.

Please do not copy any data to network drives, external hard drives, or USB sticks. The ZIK will inspect the Windows devices; the data stored on them will be backed up and not deleted.

According to current information, self-managed Windows and macOS devices are not affected.

According to current information, self-managed Windows and macOS devices are not affected.

This is currently being investigated.

According to current information, uploading documents to cloud solutions is considered safe — even from affected devices. The exchange of data via USB sticks remains strictly prohibited. To date, there is no indication that the malware spreads to other devices within the same (e.g. private) network.

The ZIK is currently restoring the infrastructure step by step to enable central units, administration, and faculties to become operational again.

The most important services — Campus Management, email, Seafile, OLAT, and Zoom — are accessible again. Over the course of January and February, work is underway to restore Wi-Fi (eduroam) at the university locations. Please note that you need a valid easyroam profile to use the eduroam Wi-Fi network.

To install easyroam, visit easyroam.de and select the “Log in” button in the upper right corner of the screen. Then select Mainz University of Applied Sciences via the search or list. In the next step, log in using your currently valid IT account.

It must be assumed that passwords you entered or stored on affected ZIK-administered devices have been compromised. The attackers gained access using remote maintenance software and a keylogger. As a precaution, please change all private and professional passwords that you used on these devices.

For self-managed devices, the university recommends using the analysis software Malwarebytes to identify potential issues.

A password change is mandatory in order to use the restored services.

Appointments for the distribution of the new domain passwords are announced via the Mainz Campus2Go app.

Only staff members, lecturers, and adjunct faculty are required to set new passwords. Student accounts are not affected.

According to current knowledge, the data is secure. All members of the university can already access Seafile again.

Access to the network drives for staff and teaching personnel will be restored once the cleaned devices have been issued.

Seien Sie wachsam gegenüber möglichen Trittbrettfahrern, die versuchen könnten, aus der Situation Profit zu schlagen (z. B. Angebote zum Rückkauf angeblich abgeflossener Daten).
Gehen Sie nicht auf Forderungen ein, öffnen Sie keine Anhänge oder Links.

Kontaktieren Sie stattdessen umgehend das helpdesk

Deceptively authentic phishing emails may currently be in circulation, for example claiming that certain emails could not be delivered. The senders appear to be supposed support service providers that are not affiliated with the university.

A typical feature is a link to a fake Shibboleth login page. You can recognise that it is not the legitimate page by the following indicators:

• The interface language is set to English.
• The browser address bar does not contain any reference to “hs-mainz.de.”
• You may see a warning triangle in the browser address bar, indicating an insecure connection.

Important: Do not enter any login credentials on such pages. Mark the emails as spam and delete them. Please also inform colleagues.

If you have clicked on a suspicious link, please note the following:

• If you entered your login credentials, you must change your password immediately
  (see FAQ: Passwords, Data and Security – “How and where can I obtain a new password?”).
• If you only clicked on the link but did not enter any data, there is no risk.

Yes, the library is open:

Monday–Wednesday | 09:00–16:00
Thursday | 09:00–18:00
Friday | 09:00–16:00

In even calendar weeks, the library is also open on Saturdays from 10:00–14:00.

Access via OpenPlus is still not available.

The OPAC catalogue search and the renewal of library items are available. Borrowing and returning items on site also function as usual.

Access to electronic resources (e.g. databases or e-books) is currently possible on site via eduroam.

Students and staff of Mainz University of Applied Sciences can access the content of the Springer Link platform via the library — even without using a VPN connection. To activate access, simply send an email from your university email address to:
Ivana.Teronic.Oruc@hs-mainz.de

Once access has been activated, you will be able to use the Springer Link content.

On site, access to Springer Link is also available via eduroam.

For all further questions, please contact the library team directly:
+49 6131 628-6220