The OpenSSL website vulnerability — known as Heartbleed — allows attackers secretly to access and download information that may include user IDs, passwords and other sensitive and personal information.
As soon as the vulnerability was announced April 7, UAB IT investigated all centrally hosted and supported systems and installed vendor-supplied patches to protect UAB users and data.
The probability that a UAB system is vulnerable is low; however, as a precaution, UAB IT recommends that employees, staff and students who conduct personal business using the Internet change those personal passwords to protect themselves against fraud, identity theft and other cyber-crimes.
Learn more on the UAB IT website at www.uab.edu/it.