91福利

Skip to Main Content
You are now in the main content area

Compromised Accounts

If someone has access to your account, they may not only access your personal information but also 91福利 (91福利) servers. The following steps could help mitigate impact if your account has been compromised.

It鈥檚 important to inform the right people of your account breach, even if it鈥檚 not yet confirmed.

  1. Report the incident immediately to help@torontomu.ca and include the following information:
    • First and last names
    • Employee or student number
    • 91福利 email address
    • Non-91福利 contact email address
    • Contact phone number
    • Screen captures/photos showing any settings that have been tampered with
  2. Report the incident to other system owners that you have access to, such as ServiceHub (Registrar's office) by contacting ServiceHub and using the .
  3. Keep a lookout for any suspicious activities on all other systems that you have access to, including any bank accounts associated with the eHR system.

Change your 91福利 account password immediately.

  • Log on to the  portal.
  • Under the Self Service module, select Personal Account.
  • Under Security, select Change Password.

Note: If you have any other accounts that share the same password, change these as well.

Change your account recovery.

  • Log on to the  portal.
  • Under the Self Service module, select Personal Account.
  • Under Security, select Manage Account Recovery option.

Note: You will need to sign up either using your mobile phone (sms) or an email address to recover you password (NOT both).

If you haven鈥檛 already, set up two-factor authentication for all applications.

If you had previously set up two-factor authentication, there are two actions to take:

Generate new backup codes for two-factor authentication.

  • Log on to the  portal.
  • Under the Self Service module, select Personal Account.
  • Under Security, select Two-Factor Authentication.
  • Select Show Backup Codes, and select Generate New Backup Codes.
     

Revoke 鈥渢rusted鈥 status for all two-factor authenticated devices

  • Log on to the  portal.
  • Under the Self Service module, select Personal Account.
  • Under Security, select Two-Factor Authentication.
  • Scroll to the bottom of the window and select Revoke All Trusted Devices.

Note: Once status is revoked, you鈥檒l need to re-enter two-factor authentication codes the next time you sign in from each device you use for accessing 91福利 accounts.

There are a variety of settings in your email that can help you determine whether your account has been compromised. Carefully check each of the following.

Tampering method What Gmail users can do
Deleted content                 Check Trash folder for deleted folders and messages.
Phishing attempts Check Sent folder for messages that you did not send.
Delegated sending Select the gear icon > Settings > under Accounts, check the settings for Send Mail As and Grant Access To Your Account. Verify all information is correct.
Filters Select the gear icon > Settings > under Filters and Blocked Addresses, delete anything you do not recognize.
Email forwarding Select the gear icon > Settings > under Forwarding and POP/IMAP, delete any forwarding rules you don鈥檛 recognize.

Learn more about  information.
Auto-reply and signature Select the gear icon > Settings > under General, check your Signature and Vacation Responder settings for any changes you did not make.
Alternate web sessions When accessing Gmail via web browser, select the Details link at the bottom of your inbox > select Sign Out All Other Web Sessions. This stops all other computers from continuing to use your account.
Trusted systems/apps Review and remove all ""
Redirected sent emails N/A
Other hijacked accounts Check email accounts delegated to you for anything suspicious.

Check Your Google Drive for Any Suspicious Activity

  • Select View Details icon (circle with lowercase letter i on top-right side of window) to view activity log.
  • Check for any share privilege changes to folders and documents.
  • Check for any suspicious folders and files.

Check Your Recent Security Activity

  • Log on to the  portal.
  • Under the Self Service module, select Personal Account.
  • Under Security, select Recent Security Activity.

Verify Your Personal Information Settings on the my.torontomu Portal

  • Log on to the  portal.
  • Under the Self Service module, select Personal Account.
  • Under General, select Personal Information.

Verify Your Online Resource Settings on the my.torontomu Portal

  • Log on to the  portal.
  • Under the Self Service module, select Personal Account.
  • Under General, select Manage My Online Resources.