On 11/21, Information Technology Services identified multiple email accounts sending a single message from a single location outside the United States. Upon further investigation, it appears that a large number of mostly student accounts were being tested for validity prior to being used in future attacks or being sold.
We are currently investigating the method used to obtain these credentials. At this time, we have no reason to believe this information originated from UConn or that any other information has been accessed inappropriately.
Given that your ID and password was used in this attack, it is imperative you change your password immediately at netid.uconn.edu, and if you use the same account and password elsewhere, we highly recommend changing those passwords as well.