The Heartbleed bug

[LanguedocFox]

I've not seen anything about this on the forum, so thought it would be worth posting some information that my son sent me. It does seem to be a legitimate cause for concern.

 

The Heartbleed Bug has been described as one of the "biggest security threats the Internet has ever seen". Apparently it is a security/encription loophole affecting popular sites like Yahoo, Gmail and Facebook, and it could lead to hackers getting hold of things like passwords, credit card numbers and other sensitive information.

 

There's an interesting article about what to do to protect your data here: http://mashable.com/2014/04/09/heartbleed-what-to-do/, and a list of some of the sites that are most affected and passwords that need to be changed here: http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/.

 

Does anyone else have anything to add?

 

 

[AKCJ]

Here's a simple explanation.

 

[Fox92]

Least they've given us a list. Will change mine now actually just in case. 

[Basingstoke Fox]

This was a right pain in the arse at work last week.

[Beliall]

i wasnt sure it was real, had an email from gearbox software last night. ill be changing my passwords now then

[ozleicester]

So... has this been fixed... are people who didnt change still at risk?

[danny.]

Yes they are - they need to upgrade their OpenSSL. I imagine a lot of web servers still haven't had this patched unless active maintenance is carried out on the servers - which most companies probably don't do