The login portal for TRAQ has been restored.

Through the Tools for Research at Queen’s (TRAQ) Portal, researchers submit compliance applications, such as Human Ethics (GREB/HSREB) and Biohazards certifications, as well as research projects (grants & contracts) to seek internal approvals.

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Previous Description (March 31, 2023 10:39):

TRAQ and IT Services are investigating a login issue where users attempting to log into TRAQ are being presented with a Stale Request message.

If you have an urgent matter, please email traq@queensu.ca and we would be pleased to assist.

This notice will be updated when more information is available.

On Wednesday March 29th a change will take place to extend capabilities within the Power BI Service. Power BI Pro will be enabled on all active staff and faculty accounts which will provide new capabilities such as: -creating Power BI Service workspaces -embedding Power BI visuals into other Microsoft applications -sharing and collaborating on reports, dashboards and apps with other individuals at Queen's

For further information visit the Power BI Service page

Why did I get an email about Leaked Credentials? The Queen’s IT Services Security team recently became aware of the posting of credentials online that belong to Queen's University account holders. As a precaution, Queen’s IT Services will expire the passwords of any Queen’s account found to be listed on the breached accounts list to ensure that the password posted will no longer be valid.

What should I do to protect myself? If you received an email message from IT Services concerning the posting of your credentials, you will be sent additional emails requesting you to change your password, prior to your password expiring. NetID passwords are changed at https://netid.queensu.ca/selfservice/login/auth

We also encourage you to take the following actions to better protect yourself and your information: Do not reuse passwords across your accounts. If you have used your Queen’s password on multiple sites, we strongly encourage you to change that password on every other site where it has been used. Be extra diligent of scams that may reference your Queen's account.

What data was compromised? In February 2023, the grad school admissions search website TheGradCafe suffered a data breach that disclosed the personal records of 310k users. The data included email addresses, names and usernames, genders, geographic locations and passwords stored as bcrypt hashes. Some records also included physical address, phone number and date of birth. TheGradCafe did not respond to multiple attempts to disclose the breach.

Why is Queen’s expiring passwords for potentially breached accounts? Queen’s account holders who fail to follow safe password practices are at risk when breaches like this occur. To protect your Queen’s account IT Services are taking this action to prevent account compromises by ensuring all accounts associated with the posting of credentials have refreshed passwords.

What caused the data breach? Details about what caused the breach are unknown. Account information obtained through other online service breaches are reviewed by hackers and when simple passwords are found, they are tested against other services to see whether the password is still valid with slight variations. IT Services obtain breach information from the service called “Have I Been Pwned?” . Visiting the website https://haveibeenpwned.com/ will allow you to enter and check your Queen’s University email address against all publicized breaches that reference your Queen’s email address. The site also provides details about the data breach, including links to additional information.