Heartbleed & UWS Update

tim hudsonHello UWS!

If you have been reading the tech news, you may have heard about a large security threat called the “Heartbleed” bug. The bug exposes a flaw in the encryption security framework of many public internet websites. The bug allows for previously assumed “secure” connections on those websites to be breached and previously assumed “secure” information to be accessed.

Your UWS account has not been affected by this bug, as we use a more up-to-date and higher-strength encryption framework through Microsoft for our account provisioning. The office of IT is evaluating and assessing the full extent and impact of this bug. Thus far we have identified that only a few UWS services will likely require patches, and we are working to enhance the encryption for those services. At this time we do not believe any sensitive data has been compromised, but if we do identify a breach, we will alert the community and affected parties.

At this time you will not need to change your UWS password; however, many other popular websites are suggesting that you should change your password. If you have an account with the following websites, it is recommended that you change your password for that account.

Instructions for changing those passwords can usually be found on the site itself.

  • Social Media: Facebook, Instragram, Pinterest, Tumblr
  • Search sites: Google, Yahoo
  • Email: Gmail, Yahoo Mail
  • eCommerce: Etsy, GoDaddy
  • Entertainment: Flickr, Minecraft, Netflix, SoundCloud, YouTube
  • Government: USAA
  • Other: Box, Dropbox, GitHub, IFTTT, OKCupid, Wikipedia (if you have an account), Wunderlist

(Information courtesy of Mashable)