Webster University email accounts were compromised last week. An employee's computer was infected and sent…
Student’s email, Facebook ‘hacked’ in Library
After using a library computer, Webster Conservatory of Theatre Arts student Jade Collins did what many students do in a rush before class. She forgot to log out of her Google Drive.
Less than an hour later, Collins received a concerned phone call from her friend Lize Louie.
“Hey, what photos did you just send me?” Louie asked.
In what Collins guessed was only minutes after she left her computer, someone sent nude photos from the internet to 10 of her acquaintances, including family and professors.
At first, Collins thought it was a joke.
“Usually when I leave a computer logged in, someone I know will log out for me,” Collins said. “Sometimes a friend will see that I’m logged in, and they’ll make a Google Doc and say, ‘Hey, you left your computer open,’ or something funny like that.”
It was not until her dad called and asked about the photos did she start to believe it.
“It was stressful in the moment,” Collins said. “I was freaking out that everyone was going to think it was me.”
Whoever used her Google email (Gmail) and drive also logged into Collins’ Facebook page since the accounts are linked. They posted nude photos on her timeline and direct messaged more to her friends.
No one has posted on Collins’ accounts since the day she forgot to log out on Nov. 4.
Collins said she did not alert library staff.
“I didn’t [tell the staff] because I was very panicked,” Collins said. “I called all my friends and tried to figure out how to lock all of my email accounts and emailed teachers. I was mostly worried about teachers getting posts from me.”
Collins said her professors told her they never believed it was she who sent the photos. Since the “hack,” she’s changed all her passwords and become more aware of logging out of public computers.
Google offers safety precautions for when users forget to log out of their accounts. At the bottom of each Gmail inbox, the “last account activity” allows users to sign out of all logged-in locations remotely.
The National Cyber Security Alliance recommends web users to add as many steps to the login process as possible. Google also has a “two-step verification” option, so that even if someone gets another person’s password, they will have to answer a security question.
Collins advises anyone who logs into a public computer to double-check that they log out before they leave, no matter how busy they are.