Change Your Password - Campus impact of the Heartbleed bug
You may have heard about ‘Heartbleed’, the new OpenSSL vulnerability that has been discovered. This bug can affect some devices or sites offering “secure” links such as those used for online banking, shopping, etc. The bug is not a virus or malware and can not infect your computer, but it does potentially expose your secure information such as usernames and passwords to hackers when you visit vulnerable sites.
Campus IT security and networking staffs have been conducting scans of our network to identify campus devices or sites that may be vulnerable. At this point, we believe that all vulnerable devices and sites on campus have been identified and patched, or this vulnerability has been mitigated.
There is no evidence to indicate that any University computer system has been compromised using this vulnerability. We will continue to monitor the situation, and will report any additional news that may impact the University.
As a precaution, it is highly recommended that you change your passwords. This is a perfect opportunity to do some 'spring cleaning'! Which passwords? All of them! This vulnerability has affected a large number of sites on the Internet, and it is impossible to tell if your account has been compromised. So, please take some time and update all of your campus and personal accounts.
Mark Clements, CISSP
Director of Administrative Computing and Networking,
Information Security Officer
University of Wisconsin Oshkosh