Will the Heartbleed bug effect me?
If you use the internet – probably. This is not to say that your information has necessarily been compromised, the point is it may have been. For this reason, the first thing to do is to change all your passwords and do so now.
The Heartbleed Bug is one of the more serious threats in the last number of years, not least of all because it relates to encryption software run by pretty much all the major websites, but also because it went undetected for the last 2 years.
(Our Driver Update, Antivirus and other software is processed through safecart.com which has now, like Amazon and other major websites, applied a security patch to protect against the Heartbleed Bug.)
What is the Heartbleed Bug?
The Heartbleed Bug is a vulnerability in OpenSSL encryption software (official reference CVE-2014-0160), this is the secure connection depicted by the little padlock icon that you will see on the vast majority of websites including Twitter and Facebook. This vulnerability in the encryption software potentially allows hackers to access and steal supposedly-encrypted data such as passwords and credit card details.
The bug itself is a security loophole which can be exploited by hackers in order to surreptitiously gain access to user data. Messages are often sent between computers on a secure connection so one computer can check that the other is available – this involves sending a small packet of information or data, known as a heartbeat – the receipt of which may be confirmed by the recipient computer on the secure connection. The vulnerability lies in allowing hackers to use fake data packets, prompting the target computer to respond with the users data.
What do I do to protect myself against the Heartbleed Bug?
As mentioned above, if you haven’t changed all your passwords, do so now. Assuming that the websites in question have applied security patches to address this vulnerability, changing the passwords will protect your data, so the new password will not be compromised. You should also apply any Operating System security patches that are provided.
You can check if a website has updated its version of OpenSSL to protect against this bug by using the online heartbleed test tool .
Most major websites will have been exposed to this vulnerability so we recommend changing all passwords. If you use common passwords across websites – change them all as this presents a great opportunities to hackers to access your data, even on sites that were not initially exposed to this security bug.