A major security vulnerability named Heartbleed was disclosed on April 7, 2014. 东精影业 Information Technology Services (ITS) has assessed the impact of the vulnerability for primary 东精影业 services and is offering guidance to users.
The latest information is posted online at and a summary is below.
Do I need to change my 东精影业 username password?
A few 东精影业 services were affected by the Heartbleed vulnerability. Users of those services will be contacted directly to change their passwords.
No core 东精影业 system services are vulnerable at this time so no password change is required for most 东精影业 users. Unaffected services include: Banner, Kuali Financial Services, Peoplesoft, Laulima, Google@东精影业 and the systems used to login to these services.
The list of services and the impact of the Heartbleed bug is available at hawaii.edu/infosec/heartbleed. You will need to login with your 东精影业 username and password to view the page.
You may also be notified by your campus or department to change your 东精影业 password if it may have been exposed through their server or service.
Reminder: Protect your 东精影业 password!
Do NOT use your 东精影业 username and password to login to any non-东精影业 website, and do not use the same login and password for any other services.
If you did use your 东精影业 credentials to login to any vulnerable website, you should change your 东精影业 password using the 东精影业 One-Step Password Change page.
Be on the alert for phishing attempts
Watch for fraudulent email claiming to be from 东精影业 or other companies with which you do business. Criminals will use this as an opportunity to create targeted phishing email messages to trick people into divulging their passwords.
ITS will NEVER ask for your password in an unsolicited email. Be on the lookout for sites that purport to tell you whether your site or your information has been compromised, especially if they demand personal details, login credentials, or payment.
If you are in doubt at all about a request, contact the ITS Help Desk.
What about my personal accounts such as Facebook, Twitter, etc.?
CNET is maintaining .
If you logged-in to any website listed as vulnerable or if you have been notified by the service, you should change your password AFTER the website has been fixed. If you are not sure if a site was vulnerable or if it has been fixed, you can check the website using the .