Consumer alert: Heartbleed bug a security risk

heartbleedJust over half of all websites, including popular sites such as Yahoo! and OKCupid, were vulnerable to the Heartbleed encryption bug. This bug could have allowed attackers to read encrypted data including credit card or password information for the last two years. The bug affects websites that use OpenSSL in their coding.

Unfortunately, there is no way to know if anyone has used this bug to gain access to sensitive information. And, there is nothing you can do on your home computer—you have to wait for websites to install security updates.

TDS systems are safe and not vulnerable to the Heartbleed bug (and never were because we do not use OpenSSL).

Most major websites have already updated their systems with a security patch, or are in the process of doing so. However, many websites it could take some time for all to be secure.

What can you do?

    1. To be safe, major news outlets like CNET, BusinessInsider are recommending you should change your online passwords—especially for services like email, banking, and social media logins. However, we recommend only doing this after checking to see if the website is no longer vulnerable (see #2 below).

    2. Check the latest list of affected sites here and check them on an individual basis here.

    3. Keep an eye on any online accounts for the next few weeks to make sure there isn’t any suspicious activity.

About TDS Security Team

The latest news and advice from the TDS Security Team.

Trackbacks/Pingbacks

  1. Security Alert: Cloudbleed Vulnerability Exposes Sensitive Data Across The Internet | TDS Home - March 3, 2017

    […] Cloudbleed (a play on the Heartbleed breach of last year), this vulnerability caused information from certain websites—which may have […]

Leave a Comment