Heartbleed SSL Vulnerability

By Rich Wagoner, CITP.CPA | Principal, Technology Services Group

By now, I am sure you have heard the local news and global coverage related to the SSL Heartbleed Bug (heartbleed.com).  Many of the popular sites you regularly use were susceptible to this vulnerability.  This vulnerability could allow an attacker to read sensitive personal information and passwords and then use that information to access your accounts. A lot of fixes have been put into place however there has still been a fair amount of data compromised related to usernames and passwords.  Please click to see an overview image of major website affected.

What should you do now?

The biggest thing that you can do to protect yourself, even if you don’t feel you have been compromised, is to change your passwords.  Take a look at the graphic below and you can see how a lot of those everyday sites have had potential issues with this bug. A complete list of sites can be found here.  http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/.  In addition you should not use the same password for each site.  Although, it may be difficult for you to remember the passwords, don’t make it easy for the hackers to gain access to your accounts.

If you have any questions about Heartbleed please do not hesitate to contact me at 317-260-4400 or via email at rwagoner@greenwaltcpas.com. Image provided compliments of LWG Consulting – http://www.lwgconsulting.com/news/sites_affected_by_heartbleed_bug.aspx