What is Heartbleed?
Some websites running SSL encryption, such as Facebook, Twitter, Gmail, Airbnb, Pinterest, among others, were exposed to a major security bug called Heartbleed on Monday. The bug was reportedly discovered by a member of Google’s security team. Heartbleed could be one of the biggest security threats the Internet has ever seen. If you have logged into any of the affected sites over the past two years, your account information could be compromised, allowing cybercriminals to snap up your credit card information or steal your passwords.
What effect/damage can it do?
The bug affects web servers running software such as Apache (among others), and it has the potential to expose private information users enter into websites, applications, web email and even instant messages.
And while most security experts advise that you always use websites and services offering SSL security encryption whenever possible, the Heartbleed bug has the ability to allow malicious operators to defeat this security layer and capture passwords as well as forge authentication cookies and obtain other private information.
A security patch for the bug was announced on Monday, but many websites are still playing catch up.
Which websites are affected?
Yahoo, Flikr, EventBrite, Scoop.it, USMagazine, RollingStone.com, Facebook, Twitter, Pinterest, Google, Gmail, Hotmail etc
*Some have since been fixed with security patch but be vigiliant.
If you own a website, be sure to get in touch with your web developer to make sure your website is up to date and secure. If you are a business who uses Facebook or Twitter be sure to change your password to protect your accounts.
3 things you can do to protect yourself
- Change your passwords (Facebook, Twitter, Gmail, Amazon, EBay etc)
- For at least the next week, keep an eye on any of your sensitive online accounts (banking, webmail) for suspicious activity.
- Be cautious about sharing personal information online (never share credit card or bank details online in emails, instant messages etc)
Share this information with friends and contacts so that people will not be affected by this bug!