- SCU Home Page
- About SCU
- On Campus
- News & Info
News and Events
Information Security News and Events
HeartBleed-Critical Internet Security Issue
Wednesday, Apr. 9, 2014
Immediate action required whether you use a PC, Mac, or smartphone. Researchers have discovered a critical bug in the communication protocol that is used to secure transactions on an estimated 500,000 websites. When you log into a website, your username and password are sent to that website's server. Typically your credentials are encrypted using a protocol called Secure Sockets Layer, or SSL. One of the most commonly used implementations of SSL is called OpenSSL and it is used by approximately 66% of websites.
Heartbleed is a bug in OpenSSL that allows attackers to decode and read text from emails, instant messages, passwords, even business documents -- anything sent to a vulnerable site's server. Heartbleed is so critical that almost every major web site and vendor service is scrambling to resolve it.
Google has released a statement that their sites are not vulnerable. SCU’s technical staff is working with our vendors to identify and address the issue on other SCU systems.
SCU's Information Security Office strongly recommends that you change your SCU Network ID and eCampus passwords right away.
You can change your Network ID password here: https://sso.scu.edu/gam/passwords.html.
We also recommend changing passwords for all sites where you conduct financial or personal business. Be sure to use long and strong passwords and change them regularly.
More information about Heartbleed