Heartache with heartbleed

Heartbleed is the name of a bug found on many secure web servers.  Many servers using OpenSSL were vulnerable to the Heartbleed bug.  An estimated half-million web servers were effected.  As of April 7, 2014 a fix was released.  April 7, 2014 was also the day the vulnerability was announced.  The problem is the vulnerability was around for over two years.  This means the vulnerability could have be used and information could have been compromised.

Many companies are updating their servers.  The solution to the bug is available, but some companies are slow to implement it.  As of the writing of this article, there are reports of the Heartbleed vulnerability being used in the wild.

Should you be concerned?  Yes you should.  There is no “correct” course of action to take to prevent your information from being compromised.  What we recommend is, find out if the secure sites you visit were affected by the Heartbleed bug.  If they are/were, were those sites upgraded.  Once the sites are patched, we recommend changing your username and/or passwords.

As a tip, if you use an email address as a username, never use the same password as your email address.

If you have any questions regarding this article, or any computer related issue, feel free to contact us.