1. Technology
You can opt-out at any time. Please refer to our privacy policy for contact information.
Tommy Armendariz

Companies Asking Customers to Change Passwords Due to Heartbleed Bug

By April 14, 2014

Follow me on:

Heartbleed BugThe Heartbleed vulnerability has been around for two years and it's uncertain if cybercriminals have exploited it during this time frame. Now that the news is out, it's very likely that malicious actors have attempted to harvest your personal information.

Consequently, companies are advising their customers to change their passwords in case their accounts have been access by cybercriminals. If you still don't know what Heartbleed is, well, it's a vulnerability in OpenSSL that can be exploited by an attacker by sending malicious "heartbeat" requests to obtain information on the targeted server. If successful, the leaked information can contain encryption keys, usernames, passwords, etc.

"This might be a good day to call in sick and take some time to change your passwords everywhere - especially your high-security services like email, file storage, and banking, which may have been compromised by this bug," stated a representative from Tumblr.

On April 8, 2014, a list of the vulnerable top 10,000 Alexa websites was published on GitHub. However, many of them listed may have resolved the issue.

Comments
No comments yet. Leave a Comment
Leave a Comment

Line and paragraph breaks are automatic. Some HTML allowed: <a href="" title="">, <b>, <i>, <strike>
  1. About.com
  2. Technology
  3. Antivirus Software

©2014 About.com. All rights reserved.