Internet users warned to change passwords in wake of “Heartbleed” bug
A number of popular websites have issued a warning to their users to change their passwords ASAP, after the discovery of a major bug known as “Heartbleed.” The bug, which targets sites using OpenSSL, enables hackers to retrieve code from websites and other online services them would give them access to what-should-be secure information, including passwords and other user data.
Social networks like Facebook and Tumblr immediately notified users of the bug. “The little lock icon (HTTPS) we all trusted to keep our passwords, personal emails, and credit cards safe, was actually making all that private information accessible to anyone who knew about the exploit,” said Tumblr in a blog post addressing the situation. Google also took to advising users to change their Google services passwords, although they mostly did it as a “better safe than sorry” style precaution. While Heartbleed only targets one version of OpenSSL, with a fix for its flaw having already been issued, it was only recently discovered and has potentially been around for about two years. “This might be a good day to call in sick and take some time to change your passwords everywhere,” added Tumblr, in the same blog post.