Heartbleed Vulnerability: What’s the Risk to You?

Share on FacebookTweet about this on TwitterShare on Google+Email this to someone

Encryption is used to protect and secure all sensitive information online, including your passwords, usernames, communications, and personal information. On Monday night, a serious vulnerability in the popular OpenSSL encryption software allowed anyone on the internet to read secured data on vulnerable versions, also known as the Heartbleed bug. These versions have been deployed for over two years, and it’s estimated that this bug may have affected two-thirds of the internet’s websites.

What Heartbleed means for you:

  • The secret keys used to encrypt your personal data may have been compromised
  • This bug has left a large amount of private data exposed, and your could be included
  • Attackers could eavesdrop on your communications, steal data directly from your open web services, and impersonate you with your information

Users can take action against the bug:

  • Check a website for vulnerability: http://filippo.io/Heartbleed/
  • Stay away from popular websites that are not yet patched
  • If the website has been patched, change all passwords immediately

OpenSSL is a popular cryptographic library, used to keep many of the world’s websites secure on the internet. Many online services use OpenSSL, making this a potentially serious security breach for most internet users. As long as a vulnerable version of OpenSSL is being used by a website, it can be abused. A new patch has been released for websites to use, and all previously used passwords should not be reused.

More information about the heartbleed bug can be found at: http://heartbleed.com

Share on FacebookTweet about this on TwitterShare on Google+Email this to someone

November 4, 2014 / By: