As if the Target credit card breach four months ago were not enough, we now have another personal data breach to worry about. On Monday, April 7, 2014, an announcement was made that websites using certain versions of the OpenSSL cryptographic library had a memory handling bug that could be exploited to reveal personal user information, including user names, e-mails, passwords and potentially much, much more. The vulnerable code was published on December 31, 2011 and has been used by countless sites for well over two years.
What’s the risk? It’s a hard question to answer. It is possible that the bug was never exploited, or that a particular individual’s data was never directly compromised, in which case no harm was done. Alternatively, some individual account passwords may have been compromised, and someone out there has a list of user names and passwords and can, at their leisure, log into other people’s accounts and access more of their personal information, impersonate them or even access financial or medical records! Overall the risk is probably low, but if you’re the one with compromised information … it’s a lottery you probably don’t want to win.
So what do you need to do? The easy solution is to prevent potential access to your accounts. You can do this very simply by changing your password. The good news is that not all sites have been impacted by this bug, but a lot have, and some of them are very big and popular, so a compromise there could potentially be very harmful. Both Wikipedia and Mashable have published detailed information about the Heartbleed vulnerability and also listed the largest sites that are (and are not) affected. Visit these sites to see where you need to change your password, and please do this as soon as you can!
We do have some good news for you. a Snaggy diMe does not use OpenSSL, so we are not vulnerable to Heartbleed. And our payment processor, PayPal, has posted an announcement that they are not subject to this vulnerability either. But we do urge you to check your other service providers and see if you are impacted by Heartbleed.
2014-04-10 Are You Still Safe?