Students, tutors, staff and university organisations were faced with a problem on Sunday when they tried to access Oxford’s Nexus email on their browsers.
Users trying to access the Oxford Nexus email website via web browsers were informed by an automatic message that the site’s security certificate was not to be trusted.
The message gave users the choice of pro- ceeding, warning that security of the Nexus site could not be guaranteed, or returning “back to safety.”
Though the message was alarming, no data was stolen and the site had not been compromised.
A University spokesperson told Cherwell, “Due to an oversight the security certificate for the Nexus website expired without being automatically renewed.”
As a result, the security certificate for the Nexus webpage was temporarily invalid, prompting online security systems to respond by sending out an automatically generated message to all users attempting to access the Nexus login on Sunday warning that the site was untrustworthy.
The University spokesperson apologised for the incident, saying, “Though no part of the university website or its users’ data was compromised and there was no security risk, the University apologises for the inconvenience it may have caused to users and has put mea- sures in place to ensure such a lapse doesn’t happen again.”
Most students were indifferent to the incident, with few reporting any major disruption. The majority responded by saying that they either disregarded the warning and proceeded anyway or used other email accounts.
A second-year English student Ellen Brews- ter said, “To be honest it didn’t bother me that much, because I ignored the security warnings and just proceeded through the advanced settings. I know that some people were quite anxious to know if everything was all right, but as I don’t tend to use my Nexus account for anything that’s personal and not university or college related, I wasn’t too fussed really.”
Advertised by Oxford’s IT services as “the major communication medium in Oxford”, Nexus is vital in the business of the university – each student is automatically registered upon joining the University, and the service is used daily for correspondence between students, tutors, staff and campus organisations.
Run by the Oxford University IT services department, Nexus has been in use as a central- ised system by the University for several years with few incidents. The service is generally reliable, although there have been some minor issues with sending attachments via Google Chrome.
Emails from Nexus can also be forwarded to inboxes on mobile devices, a service which was unaffected by the incident on Sunday.
Staff at the IT services department reacted quickly to the incident, renewing the SSL security certificate by midnight on Sunday. Normal service was resumed on Monday morning with no further issues.
