Personal Data Of Millions At Risk From Major Internet Security Lapse
April 9, 2014
A major security lapse in one of the most trusted security features on the web has left millions of passwords and other sensitive business and personal information exposed to hackers. The breakdown – called “Heartbleed” by a team of Finnish security experts with Codenemicon and Google who discovered it last week – impacts OpenSSL, a technology used by up to two-thirds of websites on the Internet. The bug compromises encryption used to protect the names, passwords and actual content of millions of web users. “This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users,” Codenomicon wrote on a the site it created to give details about the bug.
Sites including Yahoo, Amazon, PayPal and Tumblr began notifying users of the bug yesterday. Analysts have warned against changing passwords at individual sites until web companies fix the security breach with updated software. On the other hand, in a warning to users, Tumblr wrote “this might be a good day to call in sick and take some time to change your passwords everywhere — especially your high-security services like email, file storage, and banking, which may have been compromised by this bug,” Some security researchers are warning that sensitive online activities, like banking, should be avoided for now.
Read full article at:
Daily Updates
Sign up for our free daily newsletter for the latest news and business legal developments.