A major Internet security vulnerability (CVE-2014-0160) known as Heartbleed has been discovered in the widely used encryption program OpenSSL. OpenSSL is the implementation of the SSL (Secure Sockets Layer) and TLS (Transport Layer Security) protocols for transmitting secure information over the Internet. Servers for all your most common Internet applications – including web browsing, email, instant messaging and smartphone apps – likely use the SSL and TLS protocols.
This breach is expecially serious because OpenSSL is the most common Internet encryption program used; the Heartbleed Bug resides on Internet servers not individual computers; it went undetected for two years; and security breaches left no trace! Hackers were able to steal keys that protect communication, user passwords, stored files, bank and financial information and even social security numbers with impunity for 2 years! There’s no way to tell what sensitive information may have been compromised over the last two years.
Learn how to check a website for the Heartbleed Bug before you use it and how to your information – and yourself – from now on.