Heartbleed, a newly discovered security bug, is infecting the internet and causing confusion among internet users (aka everybody except that one guy who lives in a cave).
Heartbleed is a security bug or programming error in popular versions of OpenSSL, software code that encrypts and protects the privacy of your password, banking information and other sensitive data you type into a “secure” website. OpenSSL is used by about two-thirds of “secure” websites on the internet such as Gmail, Facebook and Tumblr, which means there’s a pretty good chance your passwords and financial information could have been exposed by the Heartbleed bug.
But don’t freak out yet. Although Heartbleed could be exploited by malware and cybercriminals, officials say there had not been any reported attacks or malicious incidents. But the two-year-old programming error is problematic enough to consider changing your passwords.
Officials suggest that members of the public should “closely monitor your email accounts, bank accounts, social media accounts and other online assets for irregular or suspicious activity, such as abnormal purchases or messages”.
The website Mashable has mashed together a bigger list of popular sites and whether they are affected by Heartbleed.
A fixed version of OpenSSL was released on Monday, April 7, so if you changed your vulnerable website passwords after that date, you’re good to go. Just make sure your password isn’t your credit card number, social security number, or 12345678.