Information Technology Services (ITS)
Published on: April 10, 2014
This a general notice to the UofT Community about the widely reported Heartbleed Bug.
What is Heartbleed?
The Heartbleed Bug is a vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing of the normally protected information, such as passwords and data.
Are UofT systems affected?
At this time, we do not believe our central systems and the core network infrastructure to be vulnerable to the bug. As good practice, we recommend a password change for added security. ITS is supporting divisional system operators to implement appropriate protection where needed.
Users should otherwise check with other non-university service providers to see if they should change their passwords.
The following central systems were not affected by the Heartbleed bug:
- The Portal (Blackboard)
- E-mail (UTmail+, UTORmail, UTORexchange)
- Library Services (http://library.utoronto.ca)
- Taleo (Job Application System)
ITS will be posting relevant updates to this page as they become available. If you have any questions, please contact your local Help Desk.
Password change resources:
As a general principle, your UofT passwords should be different from passwords used for Non-UofT services.
- UTORid (for WebLogin, E-mail, The Portal)
- AMS (for AMS: HRIS, RIS, MRA, FIS, ESS, and other SAP services)
- University of Toronto news story, What Heartbleed Means To You