As you may have heard, last week a major security issue was detected in OpenSSL, the technology that powers encryption across much of the internet. The Saylor Academy took immediate steps to assess our infrastructure and patch the potential vulnerability.

Our investigation showed that no Saylor Academy service was vulnerable to the Heartbleed security flaw and that no Saylor-related information was compromised by this issue.

Specifically, only our authentication servers, used by our eportfolio and assessment services, use SSL directly, and those servers are not, and have not been, affected by the Heartbleed vulnerability.

Additionally, we have no reports that any information related to the Saylor Academy was captured via the bug on any third party servers, such as your email provider; that said, if you are currently, or have previously been, enrolled in a Saylor course, proactively changing your password for our ePortfolio and assessment services at https://cas.saylor.org would be prudent.

For more information on the Heartbleed bug, http://heartbleed.com is a good resource to start from, or contact us with questions or concerns.

Regards,

The Saylor Academy