A personal data leak occurred a few months ago, due to a security breach at the American data acquisition company Apollo. This is not an UvA data leak, but rather a leak at an external organisation that specialises in gathering and enriching public information about professional users. The UvA was recently informed that approximately 1000 UvA email addresses are among the affected data. We are therefore informing you about the potential risks and the action you can take.
You can check whether your email has been affected by a data leak via the ‘Have I been Powned’ website: https://haveibeenpwned.com. If your email address appears in the list, scroll down to the bottom of the page to find out whether you’ve been affected by the Apollo breach or a different leak.
Due to the personal data acquired by Apollo, detailed profiles of individuals, including their personal and professional contacts, have been created. There is an increased risk that these leaked email addresses and the related personal profiles could be abused by criminals, for example for identity fraud or to send you phishing and spam emails.
The owners of the 1000 UvA email addresses have been informed of the leak.
It’s important to be alert about fake mails such as phishing or spam, including those from your personal and professional contacts. You can read more about digital safety in the workplace on this A-Z page. If you see anything unusual or a suspicious message, please contact the Computer Emergency Response Team (CERT) via firstname.lastname@example.org.
We advise you to ensure that you never post your personal or professional email or telephone number on public profiles such as LinkedIn, Facebook or Instagram.