A major vulnerability, known as “Heartbleed,” has been disclosed for the technology that powers encryption across the majority of the internet.
This means that the little lock icon (HTTPS) we all trusted to keep our passwords, personal emails, and credit cards safe, was actually making all that private information accessible to anyone who knew about the exploit.
This might be a good time to change your passwords everywhere—especially your high-security services like email, file storage, and banking, which may have been compromised by this bug.
We hope the following information is helpful and if you are still in need of help you can contact us for a consulting session.
What to do next:
There is really no simple way to prevent your accounts from being affected by future bugs or security breaches but for this specific but here are some of the options to see if the web services you have accounts with are affected by the bug.
- Manual check: You can check your websites manually using the tool offered by LastPass https://lastpass.com/heartbleed/
- Automatically: -> Sign up for a Free LastPass account <-
Manage all your passwords from one location. Please create a super-strong password when signing up for LastPass as this is your master-key to all your passwords. Watch the video below on how to set up LastPass.
After signing up for LastPass and using it to input your passwords you can then run their security check which will tell you what sites you are member of are vulnerable.
If you already have a LastPass account you can read this link on how to run the Security Check.
Below is a partial list of passwords you should change based on the Heartbleed bug fixes.
Change these passwords now (they were patched)
Google, YouTube and Gmail
Yahoo, Yahoo Mail, Tumblr, Flickr
Don’t worry about these (but change them if you used the same passwords as on the websites above)
Apple, iCloud and iTunes
AOL and Mapquest
Bank of America
Capital One bank
Microsoft, Hotmail and Outlook