As the news or social media may have informed users, there is a widespread bug affecting the Internet, dubbed Heartbleed. The UNM Information Technology department is aware of the Heartbleed bug and has been actively scanning and updating servers, where appropriate, to address any vulnerabilities. Many UNM services, including Lobomail and MyUNM, are unaffected.

What you should do:
Don't panic. Not all systems are vulnerable and many websites are already installing patches on their systems.

The best defense against vulnerabilities like this one would be to adhere to these security best practices:

  1. Routinely change passwords. 
  2. Using different passwords for different websites, especially your financial websites.
  3. Use your UNM NetID and password combo only for UNM sites and business. Do not use this combination of username and password on 3rd party sites, trusted or not.
  4. Use multifactor authentication when possible. Many sites, like banks, credit unions and even Facebook, now offer this service but do not require it. 
  5. Expect new email phishing and social engineering campaigns to take advantage of this wave of fear many users may now have in the wake of this announcement.

To find out more about this bug, visit US CERT. For a comprehensive, updated list of consumer sites affected, visit: Heartbleed.