I’m sure you’ve seen it mentioned somewhere by now – whether it’s on your Facebook feed, or in the news, or by a coworker – but have you really taken the time to find out what the Heartbleed Bug is all about and how you can protect your secure information? Here’s a quick guide.
According to the Bug’s official site (yes, it’s that major!), “The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.” And this has been going on since 2013.
Well, what does this mean for you?
That means every time you go to what you think is a secure website (you know, the one that start https:// and have a little lock image next to the URL) – websites like email providers, online banking, credit card websites and the like – it’s not as secure as you think anymore. The Bug created a window for hackers to be able to access your previously secure usernames and passwords, instant messages, emails, and even social security numbers.
What can you do about it?
First of all, if you haven’t already, change all your passwords to any sites containing any of your secure information. This means emails, credit card logins, social media sites, the works. Yes, it’s a huge pain in the butt, but better to be safe than sorry. If you’re overwhelmed by where to start, Mashable has a great list of the passwords you need to change ASAP. But note that this doesn’t mean you’re out of the woods. If the site you’re changing the password on hasn’t yet updated its security measures to protect against Heartbleed, you will need to change your login/password again once it does.
And while it’s just another thing to add to a growing list of to-dos, make sure your password isn’t the same for every site. Try to create a unique password for each site so that your entire digital identity isn’t compromised should one password get stolen.
Finally, make sure you’re closely monitoring bank and credit statements in the upcoming months and immediately call about any suspicious activity.