A new bug called “Heartbleed” has cropped up online that could be affecting over 500,000 servers, according to Internet research firm Netcraft. The bug is designed to mine a server’s memory, which could include private data like credit card numbers, user names and passwords.
In order to protect yourself from the bug, you can check individual websites using this tool. You should also check the blogs or security centers of websites you frequently use to see if they have been affected and, if so, whether or not they’ve solved the problem. Once you know a website has solved the problem, be sure to change your password and account information. The largest site affected by this vulnerability appears to be Yahoo and all of its affiliated sites. So far, tests have indicated that Facebook users’ data was not exposed by the bug.
However, even though Facebook seems safe for now, but they are encouraging users to change their passwords as a precaution. This incident should serve as a reminder to stay up to speed with all of your online accounts. Experts recommend periodically changing your passwords (every six or so months) to ensure that, even if your info were to fall into the wrong hands, it wouldn’t be useable for very long. It’s also a good idea to monitor activity on your Facebook account to be sure it hasn’t been compromised.
Mashable has created a “Heatbleed Hitlist‘ that shows which popular sites require password changes at this time. If a site you use doesn’t appear on this list, then go ahead and change the password as a precaution or contact their customer service department to see if they are affected by this vulnerability.
It’s going to be a pain to change and keep up with a bunch of new passwords. If you aren’t currently using a password manager to simplify this chore, now would be a great time to start. We recommend Roboform.