The Heartbleed Bug — UFV ITS response

By now, many people will have heard about the Heartbleed bug, a newly discovered vulnerability in a widely used encryption program called OpenSSL. This issue is widespread as OpenSSL is used to secure communication of confidential information such as passwords, credit card numbers and other personal data across the Internet. IT Services is treating this situation very seriously and has taken steps to protect UFV users and their information.

IT Services identified a small number of systems that were potentially vulnerable. These systems have now been fixed, or taken offline until a fix is available.

As always, we support the practice of changing passwords on a regular basis. Our recommendation is that you take this opportunity to change all of your UFV passwords as a general precaution.

Internet service providers and Website owners are working to ensure that vulnerable versions of OpenSSL have been replaced. Once this process is completed, it is recommended that you change your passwords for any accounts you may have on the Internet, but only after the affected site has advised that OpenSSL has been upgraded.

IT Services

For more information, contact Christopher Jones at Christopher.Jones@ufv.ca

04/25/2014