GDP and Heartbleed Bug Impact

Dear GDP Instructors,

As you are probably already aware, a security vulnerability known as the Heartbleed bug was discovered on April 7th, 2014 (http://goo.gl/D5QBo9). Limelight Networks, our content delivery network vendor for GDP and handles the SSL encryption/decryption for us, quickly acted and patched this vulnerability as of April 8th, 2014 at 1pm MST (http://blog.limelight.com/2014/04/limelight-response-to-the-heartbleed-bug/).

This does NOT mean anyone had access to the GDP database as the database is behind a dedicated firewall that is not available from the public internet. The GDP ecommerce was also not impacted, because it uses a non-open source SSL.

In an abundance of caution, we recommend that you and your students change your GDP password. If the GDP admin disabled the ability for the students to change their passwords, the GDP admin can re-enable it through the Settings menu.
• Password reset instructions for instructors: click here
• Password reset instructions for students: click here

Thank you for you continued support. If you have any questions, please email thuan.vinh@mheducation.com.

Regards,
The GDP Product Team