In the last week an encryption flaw – a vulnerability in how sensitive data is passed between your device and the server – called the Heartbleed bug has been exposed and is being billed as one of the biggest security threats the Internet has ever seen.
The bug has affected many popular websites such as Gmail, Facebook, Instagram, and Pinterest and could have exposed sensitive account information such as passwords and credit card numbers over the past two years.
The bug, affects web servers running a package called OpenSSL. SSL is the most common technology used to secure websites. It is crucial in protecting online activities such as online shopping or banking from attacks.
Some Internet services that were vulnerable to the bug have already updated their servers with a security patch to fix the issue. This means you’ll need to go in and change your passwords immediately for these sites. Also, if you use the same password on multiple sites, and one of those sites was vulnerable, you’ll need to change the password everywhere.
Steps to protect yourself
- Don’t log into affected sites, you can check which sites have been affected here https://filippo.io/Heartbleed/
- After the site has confirmed it’s patched their service, change your password.
- Change your passwords across all websites and try to keep them unique for each site.
- Keep an eye on any of your sensitive online accounts such as your emails or banking accounts for suspicious activity.