Information is one of our most important resources, and all members of the University have the responsibility to protect the information entrusted to them. All members of the University are required not only to be aware of the threats to information security, but also understand what controls are required to protect their information. Although the University President is ultimately responsible for the security of information for the University, the Information Security Office has been established to carry out the implementation of the information security program. All of us at the University have a responsibility to do our part in protecting information against threats to confidentiality, integrity, and availability.
A recently-announced security vulnerability has potentially affected hundreds of thousands of servers on the Internet. Depending on the service used, this has made it possible for attackers to easily obtain user names and passwords of any system you access. The Health Science Center's senior leadership and Information Security are advising everyone to immediately change their passwords for any online service they use, such as banking and credit card websites. This vulnerability is serious enough that it is best to presume your account information has been compromised and should be immediately changed.
A link to CNN's coverage of this vulnerability can be found here.