Wayne State University

Aim Higher

News Item

Wayne State responds to the Heartbleed Internet Security Threat April 11, 2014

The Internet security threat Heartbleed has been in the news since Monday, April 7. Passwords and personal information are said to be at risk of falling into unauthorized hands.  Wayne State's IT specialists have responded to this threat on several fronts:

  • Our Internet firewall is and has been blocking any outsiders that are trying to exploit the Heartbleed vulnerability to steal sensitive information.  
  • Our critical systems (Banner, Wayne Connect, Blackboard, Pipeline, Cognos, WiFi) do not run the vulnerable software, so the data and passwords used with these systems was not at risk.
  • A few non-critical systems were vulnerable, and they were patched on Tuesday, April 8. 
  • The Wayne State VPN is vulnerable, and a scheduled upgrade of our VPN software on Sunday, April 13 will fix this permanently.  Because WSU's Internet firewall is properly blocking attacks coming from the Internet, there is no risk from using the VPN until the permanent fix is applied.

Beyond Wayne State's IT environment, there are many websites that may be susceptible to the Heartbleed security threat.  You may have heard security experts and media sites urging people to immediately change all of their online passwords.  There are two different resources you can use to identify vulnerable websites:

Remember that legitimate emails will never ask you to respond with sensitive information such as passwords, Social Security number, or bank account number. If you have any questions, feel free to drop us a line at helpdesk@wayne.edu.

WSU Computing & Information Technology
computing.wayne.edu

This entry was posted on April 11, 2014 and is filed under Other.