Although the Heartbleed Bug was a widespread security breach, students no longer have anything to fear.
The Heartbleed bug was a security vulnerability discovered in early April that affected many websites and left Internet users open to having their sensitive information accessed by others.
Any website that uses OpenSSL, open-source software, is vulnerable to the bug, said Robert Green, assistant professor of computer science.
When PCs and servers communicate, a server sends a computer a word and asks the computer to send back a word with the same number of characters.
“[The server is] going to say dog, and you’d say three characters back,” Green said. “What the Heartbleed Bug does is, instead of that, [the server would] say dog, 10,000 [characters] … you read dog in your memory, and you send the rest of the memory after that until you hit 10,000 [characters].”
The extra information sent could include things such as passwords, user names and other sensitive information.
The bug existed for two years before it was found, said Matthew Haschak, director of IT security and infrastructure.
Once it was found, solutions to the problem were quickly sought out.
“It became a race between the hackers trying to take advantage of it, and the good guys trying to fix everything beforehand,” said Haschak.
Green said the bug was quickly fixed after it was found.
“The good thing is it was fixed really rapidly after it was found,” he said. “Everyone is making a bigger deal of it than it is because it was fixed so rapidly.”
Once the bug was found, patches were made in order to fix it.
Now, there are checks in place to count the number of characters sent between servers and computers to keep the security breach from happening, Green said.
The fix was only a few lines of code, he said.
“As far as bugs go, this is one that was extremely simple to fix,” Green said.
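The "dog" exchange Green describes and the length check added by the patch can be sketched in a few lines of C. This is an added illustration, not OpenSSL's code: the `MEMORY` buffer, its contents and both function names are constructed for the example, and the buffer stands in for whatever happens to sit next to the received word in memory.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for memory: the 3-byte word "dog" as received,
   followed by unrelated data that happens to sit right after it. */
static const char MEMORY[] = "doguser=alice;password=constructed-example";
#define RECEIVED_LEN 3   /* bytes the peer actually sent */

/* Pre-patch behaviour: trusts the length the peer claimed. */
size_t reply_unchecked(size_t claimed_len, char *out, size_t out_cap)
{
    size_t n = claimed_len;
    if (n > sizeof(MEMORY) - 1) n = sizeof(MEMORY) - 1; /* keep the demo in bounds */
    if (n > out_cap) n = out_cap;
    memcpy(out, MEMORY, n);      /* copies "dog" plus whatever follows it */
    return n;
}

/* Patched behaviour: the claimed length is compared with what arrived. */
size_t reply_checked(size_t claimed_len, size_t received_len,
                     char *out, size_t out_cap)
{
    if (claimed_len > received_len || claimed_len > out_cap)
        return 0;                /* mismatch: drop the request, send nothing */
    memcpy(out, MEMORY, claimed_len);
    return claimed_len;
}

int main(void)
{
    char out[64];
    size_t n = reply_unchecked(40, out, sizeof out);
    printf("unchecked, claim 40: %zu bytes: %.*s\n", n, (int)n, out);
    n = reply_checked(40, RECEIVED_LEN, out, sizeof out);
    printf("checked, claim 40:   %zu bytes\n", n);
    n = reply_checked(3, RECEIVED_LEN, out, sizeof out);
    printf("checked, claim 3:    %zu bytes: %.*s\n", n, (int)n, out);
    return 0;
}
```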
In response to this bug, the University tried to patch its systems as quickly as possible, Haschak said.
There were 82 systems to patch, but there were a handful the University didn’t have full control over, such as firewalls, and it had to wait for those specific software producers to release a patch.
“We were kind of in a holding pattern from there,” Haschak said.
This bug opened up websites to attackers, and the University was able to see that activity after the patches were made.
There were about six “attackers” after the patches went up, but they weren’t able to take advantage of the bug because of the security updates, Haschak said.
Although the security vulnerabilities have been patched, Chief Information Officer John Ellinger encourages students to change their passwords.
“The only thing [students] needed to do is to change their password after they have been informed,” he said.
Green said students should also use different passwords for different websites.
Students should be cautious of emails asking them to change their passwords.
“Whenever an event like this happens, the bad guys know that we’re telling students to change [their] passwords,” Green said. “They will act like security or ITS and bring them to a bad website … Be wary of communications asking you to click on a link to change your password.”