Heartbleed was a security flaw discovered this week in the popular open-source software OpenSSL. The software is used by many websites to provide secure connections between clients and servers. It’s believed that the bug affected approximately 66% of the internet.
The flaw can potentially lead to systems being attacked and login information stolen. Fortunately the team behind OpenSSL quickly fixed the flaw and provided a patch for systems running the software that eliminates the issue.
All University IT has been checked for the vulnerability and all services used by staff, students and visitors are unaffected by Heartbleed so there is no need to change your University password unless you have used the same username and password on other services on the internet.
If you are unsure if a service you use has been affected by Heartbleed there is a useful list on Mashable that highlights those which have been affected, their official stance and any recommended action that should be taken.
As always its good practice to avoid using the same username and password for multiple services, create a strong password and ensure that you change it regularly.