Heartbleed – Security Threat

heartbleedWhat is Heartbleed?  

The latest security vulnerability announced on Monday that could potentially affect the entire worldwide web. Heartbleed can expose sensitive user data including usernames, passwords, and credit card numbers.

Who has been affected by Heartbleed?

Websites that use Open SSL could be vulnerable. Last Pass states that “roughly two-thirds of all websites on the internet use this OpenSSL crytolgraphic library” that could be affected. Websites that have been infected include Yahoo and many others.

What should I do?

1. Change your passwords on a regular basis.
2. Check your websites that you have entrusted with sensitive data to see if they have been affected.
3. If the site has been affected, wait to update your password.  Once affected websites have re-issued certificates (release a patch), update your passwords.
4. Keep an eye on your credit card balances and report any inconsistencies to you bank immediately.

Questions? Contact your IT Support Desk

By Jessica Tinordi, Jessica.Tinordi@lightindustries.com