It is being reported that an unsecured Elsevier server has resulted in a number of user email addresses and passwords being exposed, potentially leaving them vulnerable to unauthorized use.
Elsevier has responded that this security breach was due to a server being improperly configured, and that the problem has since been corrected. Elsevier is continuing their investigation into the matter and will communicate directly with their users on what steps to take.
The Library currently subscribes to a number of Elsevier services, including:
- EI Engineering Village
- International Encyclopedia of the Social & Behavioral Sciences
- ScienceDirect Journals
If you have created an account with any of these Elsevier services, we strongly recommend that you change the password for your Elsevier account immediately.
Note that all of these services use the same account for authentication, so changing your password once should update it with all services. However, if you have created multiple accounts with Elsevier using different email addresses, you will need to update each account’s password separately.
Carleton MyCarletonOne accounts are not affected by this issue.
To contact Elsevier, please visit their Privacy Support Centre.
If you have any questions, please contact the Library Services Desk.