Connecticut BBB Urges Businesses to Check for “Heartbleed” Computer Bug

Security engineers discovered that “Heartbleed” exploits a flaw in OpenSSL, which allowed them to view passwords and user names during their tests.
April 10, 2014

Heartbleed LogoComputer Security Software Glitch Can Steal Consumers’ and Companies’ Private Information

Wallingford, CT - Connecticut Better Business Bureau is alerting business owners about a frightening flaw in computer servers running the most widely-used internet encryption security system.

Security engineers discovered that  “Heartbleed”  exploits a loophole in OpenSSL, which allowed them to view passwords and user names when they tested the bug.  Secure Sockets Layer (SSL) is an open-source software program that encrypts data over the internet.  It is used to secure business transactions, email, instant messaging services, social media sites and any other sort of web-based system that must secure the data that is transmitted to and from its servers.  

Once the specialists understood how it worked, they avoided publicizing the discovery until OpenSSL’s developers could create an update that eliminates the security loophole.

Yahoo was among the first-named websites where Heartbleed was detected.  Yahoo and other major companies that rely on OpenSSL moved quickly to fix the vulnerability.  SSL is used on web servers, but not on PCs or mobile devices.  

The exploit is believed to have originated two years ago, but researchers say it covered its tracks to leave no trace of its presence.  There is no word on how many servers were infected.

Connecticut BBB recommends businesses consult a qualified information technology (IT) professional, to see whether their servers are affected, and if so, remove it and apply the updated, secure version of OpenSSL.

Consumers and businesses should change their passwords, and regularly scan their computers with an updated computer security application.  In addition, install operating system updates and software patches, which often address emerging security flaws

Founded in 1928, BBB Serving Connecticut is an unbiased, non-profit organization that sets and upholds high standards for fair and honest business behavior, and is one of 112 local, independent BBBs across North America.

For more than 100 years, Better Business Bureau has been helping people find businesses, brands and charities they can trust.  In 2013, people turned to BBB more than 132 million times for BBB Business Reviews on more than 4.5 million businesses and Charity Reports on 11,000 charities, all available for free at