The Little Big Heartbleed Bug Secret

Change your passwords NOW

The Little Big Heartbleed Bug Secret

Technology has opened the door to so many fantastic possibilities for us, yet hackers spend their days reminding us how vulnerable our lives area.  The reality is, that all of your information online is very vulnerable, and many of you know that. Last week, we discovered that the Heartbleed bug has been seamlessly sucking information from our accounts for a long time, right under our nose.

What is the Heartbleed Bug?

Heartbleed bug is a security vulnerability in OpenSSL software, allowing hackers to access memory of data servers. An estimated 500,000 sites may have been affected.  Chances are high, that you are affected by this.

Well, here is the jist of it. The Heartbleed bug has  been leaking information from a key safety feature that was supposed to keep our online accounts, including email and banking, private. Not all sites are using the software (OpenSSL) that is vulnerable to the Heartbleed bug, but those that are, are rushing to fix it. Sites that have been affected (see a list of the bigger ones below), should have notified their users, but didn’t-I’m assuming they are worried about the PR backlash. AS THEY SHOULD BE!

If you have not been alerted, and you have an account with one of the sites listed below, PLEASE CHANGE YOUR PASSWORD as soon as possible. These sites have patched the loophole that has allowed the Heartbleed bug to penetrate their systems.

Affected sites

Here are the sites, that have already fixed the problem (change your passwords)

  • Google, YouTube, Gmail
  • Facebook
  • Yahoo, Yahoo Mail, Tumble Flickr
  • Wikipedia

Not all sites were affected by the Heartbleed bug, so if you have accounts with any of these, do not worry:

  • Bank of America
  • Amazon
  • Chase Bank
  • AOL and Mapquest
  • Charles Schwab
  • E*Trade
  • Fidelity
  • HSBC bank
  • LinkedIn
  • Microsoft, Hotmail
  • Paypal
  • PNC Bank
  • TD Ameritrade
  • Scottrade
  • Twitter
  • U.S. Bank
  • Wells Fargo

If you have accounts with Apple, iCloud, iTunes and American Express, do not change your password yet, but stay alert for more information on when to do so. They have not released information about the vulnerability being fixed yet.

If you have not been notified that the sites have fixed the problem, then changing your password is pointless.

A helpful tip

Always remember, a good password includes lower and upper case letters, numbers and symbols. You can use a password generator to help you draft a strong password. Also, don’t share sensitive data over email, such as bank account and credit card information.

No comments

Leave a Reply

Your email address will not be published. Required fields are marked *