Security & Policy HomeInternet Risks

Heartbleed FAQ

This page is intended to provide resources and information based on frequently asked questions about the Heartbleed Bug.

Should I be concerned about this?

Yes, we advise caution over the next week until websites are updated. If you can, avoid online banking and shopping. There are online scans and information available about which websites have been updated or are still vulnerable. Understand that these links are provided to give you an idea of the sites that have been affected by this vulnerability and may not be inclusive or up-to-date.

You can also check the status of a website using one of these services:

Should I change my password?

Security experts advise consumers to wait or at least be cautious before changing passwords. You should wait until the site has been updated and is no longer vulnerable to the Heartbleed Bug or you may be giving an attacker your new password as well.

Should I change my Lehigh password?

Yes, we recommend that you change your Lehigh password. As with all websites using OpenSSL, there was a period prior to the discovery of this bug, when Lehigh systems were vulnerable. The Lehigh account maintenance page can be accessed