It’s recently been discovered that there’s a security vulnerability that’s affected thousands of websites over the last 2 years. What’s been labelled the “Heartbleed Bug”, allows hackers who know about the glitch to secretly extract sensitive consumer information such as passwords and even credit card details.
Heartbleed affects OpenSSL, which is an open source encryption technology used in 66% of web servers. There is no way of knowing whether or not your data has been accessed so it’s important that everyone changes their passwords for the affected sites.
Some of the big sites that were affected include Facebook, Pinterest, Google (Gmail), Yahoo and even Amazon. Mashable provides a good, comprehensive list of the major sites that have been affected.
So What Now?
Qualis SSL Labs has a tool you can use to test your domain name for server problems.
We recommend you change all your personal passwords, starting with those in Mashable’s list of compromised sites. It’s best to avoid using the same password across all your accounts, or at least have your financial account passwords different to those for social media.
How to change your passwords…
Google: click on the profile icon in the top right of your Gmail page, then click on “account”. Go to the security tab in the top navigation and you should see the option to “Change password”. It’s a good idea to use Google’s 2-Step Verification listed below the password change option, as this adds another level of security.
Facebook: Go to the down arrow in your top navigation and click on settings. Go to Password and click on “edit”.
Instagram: You’ll need to do this on your phone. Go to your profile page and tap on “Edit Your Profile”. From here you’ll see the option to “Change Password”.
Pinterest: Once you’re logged in, go to “settings” and click on the “Change Password” option.
If you hate remembering passwords you can always use LastPass; a safe password generating and remembering tool.