Dear Faculty, Staff, and Students,

As you may have heard in news reports this week, the computer security world was shaken on Monday night with the announcement of a security vulnerability named Heartbleed. Roughly two-thirds of all websites and services on the Internet were put at risk because of this threat.

If a hacker successfully exploited the Heartbleed vulnerability, the hacker would be able to steal information from a website without being detected. Through Heartbleed, that hacker might gain access to information about the people that visit the website, including the visitor’s password, credit card, Social Security number and other personal information.

IT staff around the world have scrambled this week to take steps that will eliminate this vulnerability. CITES is no different. By Tuesday of this week, CITES had already patched all of the servers running CITES services to close the Heartbleed vulnerability. CITES and campus IT staff are currently taking further steps to mitigate future risks from Heartbleed.

Our recommendations as well as more information about Heartbleed can be found at: http://go.illinois.edu/heartbleed

Sincerely,
Paul Hixson
Chief Information Officer
University of Illinois, Urbana Champaign