Heartbleed: is your IT account at risk?
15 Apr 2014
Heartbleed is a serious worldwide IT security issue thought to have affected approximately half a million websites.
You may be aware of the Heartbleed security issue recently highlighted in the media. A bug has been discovered which could potentially be used to expose personal information from some websites.
The bug is in a piece of software named OpenSSL, which is used for encrypting communications between a secure web server and the web browser on a computer or mobile device. It could technically allow anyone on the internet to read some of the memory on the systems using the vulnerable versions of the software.
The BBC have an easy-to-read breakdown of the Heartbleed bug on their website:
All of the main University websites, including the University’s Central Authentication System have been updated to fix the issue, therefore are not vulnerable to the Heartbleed bug. Any other vulnerable sites are in the process of being updated. While we do not believe any private or confidential information has been compromised, we are investigating this thoroughly, so please look out for further details from us.
If you receive any information on this topic from non-University websites (eg email providers, social media websites or online shopping websites), you should follow their instructions.
IT Services