The Heartbleed Bug: What You Need to Know

  
     
May 08, 2014

Heartbleed.  Have you heard of it?  Chances are highly likely that you have, because it’s being called the largest security breach that the Internet has ever seen.  The Heartbleed bug is not a computer virus, but rather an information leak on a massive scale.  Sites that run on encryption Software called Apache or Nginx are all at risk of information being leaked due to the Heartbleed bug.  These sites include, but are not limited to, Google, Amazon, and Yahoo.

Personal information that you give to vulnerable websites is at risk of being exploited, so it is important that you are aware of the steps to take to avoid harm.  First, it is vital that you don’t rush to change all of your passwords on breached sites.  Although some sites have updated their security and have removed the Heartbleed Bug, there are still many sites that are still working on removing the bug.  DO NOT change your password for a vulnerable site until they have made it 100% clear that the bug has been removed.  However, it is strongly advised that you log out of all websites. 

Having access to your personal information isn’t the only problem that Heartbleed is presenting; phishing is about to get a lot worse.  However, the Huffington Post suggests measures that you can take to avoid becoming a victim of phishing due to the Heartbleed bug.  Be wary of:

  • Emails telling you to “click here” to change your password or account information.
  • Phone calls that need personal information “right now”.
  • Text messages and calls from unknown or weird numbers.

Heartbleed is a very serious issue and the cleanup could take years; however, if you are aware of what accounts you have that are at risk, then you can take as many measures as possible to make sure that your information is protected.  Are you worried that your business’ website may have been breached by the heartbleed bug?  Be sure to check your website’s status here: https://filippo.io/Heartbleed/.  For more information on the Heartbleed bug and what to do about it, visit this website: http://heartbleed.com.

Interested in learning more about how to protect your business and data from a security breach?  Consider attending the Grand Rapids Cyber Security Conference.  For more information and to register, visit their website here: http://securitysummmit.weebly.com.