Earlier today a major security encryption flaw called Heartbleed was uncovered by the Google Security Team and a security company called Codenomicon.
The encryption flaw is part of the OpenSSL encryption system. SSL is used on 56% of the worlds websites. SSL is used on eCommerce and other websites to secure sensitive data such as credit card and social security information. The encryption flaw allows hackers to easily bypass this security and access your personal data.
The Tor Project Website, a website dedicated to the TOR network which is used by privacy concerned internet users all over the world, even suggests staying off the internet this week.
suggest staying off the internet this week
What Sites are Affected by Heartbleed?
- Yahoo (website and mail)
- Google (website and Gmail)
- AWS (Amazon Web Services, not Amazon.com)
- Intuit (Turbo Tax)
What Do I Do if I Have Accounts on These Sites?
- Wait for an official response from the site that they have resolved the issue and have updated the security patch.
- Then, and only then, change your passwords. Changing your passwords on any of these sites before they’re secure defeats the purpose.
- Keep track of your sites and accounts for at least a week.
[ult_infobox color=”#000000″ backgroundcolor=”#eeee22″ bordercolor=”#dd9933″ icon=”user_group_alert” ]And to all our clients using OpenSSL, we have already supplied the security patches for you and regenerated your certificates. Your sites are safe. Now let’s wait for facebook and Google to catch up.[/ult_infobox]