NOTICE: Elsevier Data Leak. Action Required.

Brown University has learned of a data leak at Elsevier, the provider of platforms such as Science Direct and Mendeley, and a major publisher of scholarly journals. An Elsevier server was exposing user emails, usernames, and passwords in plain text for an unknown length of time. Password reset links might also have been leaked.

Elsevier has fixed the leak and is investigating the error. The company has further stated that it will provide notice to individuals affected by the breach, and that it is working to reset user accounts.

Please note that Brown University login credentials have not been compromised, and do not need to be changed. If you only use your Brown username and password to gain access to these resources, and have not set up an account with an Elsevier resource to save searches, create lists of publications, or use Mendeley, you are not affected by this issue.

If you have created such an account with an Elsevier resource, the University recommends that you change the password associated with that Elsevier account immediately. If you use the same password to access your Brown and/or Google accounts, you should change them as well.

Remember that, as a sound practice, you should not reuse passwords between online services. When choosing a password, please create a strong password that you do not use on any other service. CIS offers specific guidance on creating and using strong passwords.

If you have any questions about accessing library electronic resources, please get in touch with [email protected]. Security questions can be directed to [email protected].