April 10, 2014
A widely reported critical security flaw, called ”Heartbleed“ has been discovered that affects not only some campus systems, but also many information systems worldwide. One possible consequence of this flaw is that attackers can easily steal personal information and see sensitive information and even passwords used on vulnerable websites and systems.
Impact on UC Berkeley IT Systems
Campus information security is actively identifying potentially vulnerable systems, and monitoring for attempts to exploit the flaw. IT staff on campus have been asked to review their systems and apply available patches.
Our CalNet login site and email system did not have this vulnerability. However, other campus systems, and other systems you may use outside of campus in your professional or personal life, may be at risk.
We are asking you to please take the following voluntary precautions.
Beware of Suspicious Email and Phishing Attempts
In addition to the above precautions, we are asking you to be aware of the following:
The campus information security team can provide more in-depth presentations about this vulnerability, phishing scams, or other security topics to campus departments, units or other peer organizations. We encourage departmental administrators and other interested individuals and groups to send an email to email@example.com or visit https://security.berkeley.edu/phishing for more information.
A member of the Chancellor's Cabinet, the AVC-IT/CIO leads the campuswide IT planning effort, chairs the Campus Technology Council (CTC), and sponsors the following campuswide IT committees:
The AVC-IT/CIO represents UC Berkeley in the following organizations:
The AVC-IT/CIO oversees the campus's central IT service organization Information Services and Technology (IST).
Associate Vice Chancellor – IS&T and Chief Information Officer
Assistant Vice Chancellor – IS&T and Deputy Chief Information Officer
University of California, Berkeley
Earl Warren Hall
2195 Hearst Ave Suite 200A # 4878
Berkeley, CA 94720-4878