Many of you may have been hearing the term “Heartbleed” over the past few days and wondering what exactly that is, and why people are so concerned about it. Well, Heartbleed is the name of a major security vulnerability that may affect nearly two-thirds of websites online. It’s a severe situation potentially exposing your login information—your username and password—and other sensitive information about you.
What is Heartbleed?
It is important to understand that Heartbleed is not a virus, but rather a mistake written into OpenSSL—a security standard encrypting communications between you, the user, and the servers provided by a majority of online services. The mistake makes it viable for hackers to extract data from massive databases containing user names, passwords and other sensitive information.
What Should I Do?
The first thing you need to do is check to make sure your online services, like Yahoo and PayPal, have updated their servers in order to compensate for the Heartbleed vulnerability. Do not change your passwords until you’ve done this. A lot of outlets are reporting that you need to do this as soon as possible, but the problem is that Heartbleed primarily affects the server end of communications, meaning if the server hasn’t been updated with Heartbleed in mind, then changing your password will not have the desired outcome.