Skip to main content

What To Do If You Think Someone Has Access To Your Account

If someone has access to your account, they may not only access your personal information but also Ryerson servers. The following steps could help mitigate impact if your account has been compromised.


 

Report it

It’s important to inform the right people of your account breach, even if it’s not yet confirmed.

  1. Report the incident immediately to help@ryerson.ca and include the following information:
    • First and last names
    • Employee or student number
    • Ryerson email address
    • Non-Ryerson contact email address
    • Contact phone number
    • Screen captures/photos showing any settings that have been tampered with
  2. Report the incident to other system owners that you have access to, such as RAMSS (Registrar's office) using Ask Ryerson web form and Human Resources (eHR) at hr@ryerson.ca.
  3. Keep a lookout for any suspicious activities on all other systems that you have access to, including any bank accounts associated with the eHR system.

Secure Your Account

Step 1

Change your Ryerson account password immediately.

  • Log on to the my.ryerson.ca portal.
  • Under the Self Service module, click Personal Account.
  • Under Security, click Change Password.

Note: If you have any other accounts that share the same password, change these as well.

Step 2

Change your account recovery.

  • Log on to the my.ryerson.ca portal.
  • Under the Self Service module, click Personal Account.
  • Under Security, click Manage Account Recovery option.

Note: You will need to sign up either using your mobile phone (sms) or an email address to recover you password (NOT both).

Step 3

If you haven’t already, set up two-factor authentication for all applications.

Step 4

If you had previously set up two-factor authentication, there are two actions to take:

Generate new backup codes for two-factor authentication.

  • Log on to the my.ryerson.ca portal.
  • Under the Self Service module, click Personal Account.
  • Under Security, click Two-Factor Authentication.
  • Click Show Backup Codes, and click Generate New Backup Codes.
     

Revoke “trusted” status for all two-factor authenticated devices

  • Log on to the my.ryerson.ca portal.
  • Under the Self Service module, click Personal Account.
  • Under Security, click Two-Factor Authentication.
  • Scroll to the bottom of the window and click Revoke All Trusted Devices.

Note: Once status is revoked, you’ll need to re-enter two-factor authentication codes the next time you sign in from each device you use for accessing Ryerson accounts.

Step 5

If you’ve activated a Google token to access Ryerson email on your mobile device or email client software, reset the Google token.

  • Log on to the my.ryerson.ca portal.
  • Under the Self Service module, click Personal Account.
  • Under Security, click Activate Google Token.
  • Click Activate Google Token.
  • For details, see our Getting a Google Token page.

Note: Once the Google token is reset, you’ll need to enter the new token on your mobile device or email client software to access Ryerson email.

Check Your Email Account Settings for Tampering

There are a variety of settings in your email that can help you determine whether your account has been compromised. Carefully check each of the following.

Tampering Method Corrections for Gmail Users Corrections for RMail Users
Deleted content Check Trash folder for deleted folders and messages.
Check Trash folder for deleted folders and messages.
Phishing attempts Check Sent folder for messages that you did not send. Check Sent folder for messages that you did not send.
Delegated sending Click the gear icon > Settings > under Accounts, check the settings for Send Mail As and Grant Access To Your Account. Verify all information is correct. Click Options > Identities > Local Account > check settings for Reply-To Address, Signature, and vCard. Verify all information is correct.
Filters Click the gear icon > Settings > under Filters and Blocked Addresses, delete anything you do not recognize. Click Options > under Local Account > Filters, delete anything you do not recognize.
Email forwarding Click the gear icon > Settings > under Forwarding and POP/IMAP, delete any forwarding rules you don’t recognize.

Learn more about Gmail’s last account activity information.
Click Options > Mail > Local Account > Forwarding. Delete any forwarding rules you don’t recognize.

Click Options > Local Account > Forwarding. Check the Enable Automatic Forwarding and Keep A Copy setting and delete any changes you did not make.
Autoreply and signature Click the gear icon > Settings > under General, check your Signature and Vacation Responder settings for any changes you did not make. Click Options > Local Account > Vacation Message. Verify the settings and Auto-Reply Message are correct.
Alternate web sessions When accessing Gmail via web browser, click the Details link at the bottom of your inbox > click Sign Out All Other Web Sessions. This stops all other computers from continuing to use your account. N/A
Trusted systems/apps Review and remove all "apps connected to your account"
N/A
Redirected sent emails N/A Click Options > Mail > General. Check the Place A Copy In settings and delete any changes you did not make.
Other hijacked accounts Check email accounts delegated to you for anything suspicious. N/A


Take Additional Precautions

Check your Google drive for any suspicious activity

  • Click View Details icon (circle with lowercase letter i on top-right side of window) to view activity log.
  • Check for any share privilege changes to folders and documents.
  • Check for any suspicious folders and files.

Verify your personal information settings on the my.ryerson portal

  • Log on to the my.ryerson.ca portal.
  • Under the Self Service module, click Personal Account.
  • Under General, click Personal Information.

Verify your online resource settings on the my.ryerson portal

  • Log on to the my.ryerson.ca portal.
  • Under the Self Service module, click Personal Account.
  • Under General, click Manage My Online Resources.
 

CONTACT THE HELP DESK

Students

Phone icon416-979-5000 x6840

Email iconhelp@ryerson.ca

Maps iconKerr Hall West, Room 71

Faculty/Staff

Phone iconx6806

Email iconhelp@ryerson.ca


More iconMore help options

 

CCS SERVICE ALERTS