What is Heartbleed?
This security bug, which was discovered and disclosed last week by Google Security, affects the OpenSSL cryptographic library which secures a large percentage of the Internet’s traffic. While you may have never heard of OpenSSL, you’ve more than likely encountered it on the web. If this vulnerability was to be exploited, a hacker could capture usernames, passwords and other sensitive information from affected websites.
How does it affect the University?
FIS and CSSD have conducted separate, detailed audits of the enterprise systems to ensure appropriate security has been maintained. CSSD and FIS have applied security updates where needed.
Do I need to change my passwords?
Yes. Please change your University Computing Account password immediately. (Directions below) You do not need to change your FIS Login account password. It’s also recommended that you change your passwords to other well-established websites. Here is a compiled list of social networking sites, online stores and email providers that could be affected.
- Log into the My.Pitt portal
- Under the My Resources menu, please choose Change Password.