Wrong CTF Token shared to student of UCI (Spring 2022)

# Wrong CTF Token shared to student of UCI (Spring 2022) **When**: January 2, 2022, 10:34 PM PH Time **Incident**: Sent out onboarding email with SS and CTF credentials to UCI Students with wrong Token. **Details of the Issue**: - Last January 2, I was given the heads up to proceed with the Security Shepherd and CTF login credentials since clean up on the backend is already done. - I go ahead and generate first the Security Shepherd logins following the trainual guide then proceed on generating CTF credentials, I copied the data on the downloaded csv into the [**Misc Doc | On-Campus Spring 2022_Cybersecurity**](https://docs.google.com/spreadsheets/d/1QAVG0nGSqW7AtFxaKOKJKZxA1k83ZWqN69sn8q9gea8/edit#gid=766414861). - Tabs/sheets are available already, *Security Shepherd* tab for SS credentials and *CTF* tab for the CTF Tokens, upon pasting the CTF tokens on the assigned tab, I noticed that there are already records on sheet, since it's my first time to do this step, I placed my generated tokens right at the end of the existing record. This is to ensure that I won't loose any data my fellow coordinators had. - Then I created a copy of the template for reference file of UCI ([University of California - Irvine_Logins_Cybersecurity_Spring2022)](https://docs.google.com/spreadsheets/d/1xnn4kNEMT0py_udySXEJ6t08rx-mXJiKw1vYyabKXJc/edit#gid=1352354350) which contains all the credential records of UCI students and use it as contact list for the onboarding email campaign. This file is to be shared with TFs so they'll have reference too, since this has a template, it already has the importrange formula and just have to update the link of the file which I did so. - The file is linked to the "application data_admitted" tab of our Misc Doc, and this tab is formulated already, no need for update on our side. - After everything is available and ready, I made the email campaign and sent it out, after 2 hours I received an email from one of UCI students saying that he's been having some trouble with CTF registration. **Corrective Actions**: - I checked the reference and I confirmed I sent him complete information, it took me a while to have realized the possibility of having duplicate tokens since sheet was already populated. - I checked and found out that all of the records on the sheet are duplicates of what I had generated but with different tokens. - After figuring that out, I immediately replied to the student with his correct CTF token, then sent another email campaign with the correct CTF credentials. **Root-Cause** - Duplicates in CTF Token due to Clean-up done in the backend prior to Jan 2. **Actions to Prevent Recurrence**: - **Lead**: Inform the team whenever there are clean-up in the back-up so coordinators can double check generated credentials