Starting 1 July 2020, there will be no further updates to these FAQ pages. Please visit the website of IT.Services for information on the current system status.
On this page we have compiled general questions and answers about the computer attack on RUB, which concern all groups on campus.
RUB.DE email addresses often experience overload problems when the emails are accessed via the web client. Using an external email client (such as Outlook or Thunderbird), RUB emails can be retrieved easily. The same applies to forwarded emails. The server of the RUB-Mail web client is often overloaded, because obviously many people choose this option for accessing their emails. Check here: https://mail.ruhr-uni-bochum.de/mail/anleitungen
Unfortunately, all mail accounts for which Exchange is set up could not be used for some time, not even via external mail clients. The Exchange infrastructure is now up and running again. Further information is available on the IT-Services website (German).
The sharepoint servers had been switched off, but have been back in operation since 27 June 2020. Accordingly, the infrastructure for central holiday time and business trip management, the further education portal, the project rooms of various committees, and the service portal is available once again. The respective departments are now gradually putting the applications back into operation and updating their databases.
There is a restriction with regard to an older sharepoint server farm, which is currently still being restored. This affects the applications of the gas storage facility, the VRR ticket issuing service, and an administration application.
Information on which applications are back and which aren’t is available on the IT-Services website.
Not every system is currently running with the full technical resources, so it may be overloaded if too many users access the system at the same time. If a system is stuck, you should try it during off-peak hours.
For technical reasons, some passwords can’t be transferred to the new Active Directory (a core component of the Windows server network that was launched on 2 June 2020). As a result, some users can’t access certain digital services, for example they can’t log on to their office computer or access the file server. If you encounter such problems, please reset your password here: https://rub.de/login. Ten minutes later, you should be able to use your account fully.
Passwords for RUB LoginIDs that were not reset after 12 May 2020, 2 p.m. and before 3 June have been blocked for security reasons. In order to continue using the associated services, e.g. RUB email, users have to apply for a new password at the IT-Services Service Centre. Emails that are sent to blocked accounts won’t be received and can’t be delivered at a later date. Senders receive a message that the email could not be delivered.
Information on how to request a new password can be found on the IT-Services website at: https://www.it-services.ruhr-uni-bochum.de/allg/cyberangriffrub.html.de
Passwords for RUB login IDs that weren't reset by 3 June 2020 have been locked for security reasons. If you've been locked out of your account but want to continue to use it, please contact the Service Center of IT-Services and request a new password. The Sevice Center team is currently not available on campus, but you can contact them via email (email@example.com). Please use the following form for your password request (German): https://www.it-services.ruhr-uni-bochum.de/mam/content/sd/shortguides/its-passwortaenderung_202004.pdf
As IT Services is currently receiving many enquiries, the team is asking for patience. Some users contacted the Service Center before 3 June, because they’d forgotten their current password for the RUB LoginID and therefore couldn’t change it. These requests couldn’t all be processed yet. If you have made the request from a RUB email address, please contact the Service Center again using an alternative email address. As the old passwords for these accounts have been blocked, these users can no longer access their RUB emails and, consequently, won’t receive the answer from IT Services.
Some files on the servers and drives had been affected by the attack. Server systems had been encrypted, but no data was lost. The Active Directory – a central component of the Windows-based network – had to be rebuilt. The new Active Directory and central file services will be available in the course of 2 June 2020. This also means that access to network drives will be restored.
If you changed your password before 12 May 2020, 2 p.m., please note: the change hasn’t been processed in the system. You will have to change your password again. IT-Services has added another info box on its website. IT-Services also explains on its website where you can check when you last changed your password.
Accounts whose passwords have not been changed will be blocked for security reasons from 3 June 2020. If you wish to continue using the account, you must immediately change your password at https://rub.de/login.
Unfortunately it is very difficult to find out if mails are on an exchange server. An important indication is the calendar function. If it was possible to use it to its full extent (invitation of other users, invitation to share a calendar, etc.) the mail address is most likely on an exchange server.
Certain peaks can cause Thunderbird and other clients to temporarily stop working. However, as far as we know a general problem doesn’t exist.
Unfortunately, we can’t coordinate our central communication with the many decentralised institutions individually. All RUB members should be guided by the centralised information issued by the university.
Office 365 is a Microsoft cloud product that isn’t directly linked with RUB and is therefore not affected by this incident. However, Office 365 is currently not available for official use.