Last week, it emerged that a major security flaw at the heart of the internet may have been exposing users’ personal information and passwords to hackers for the past two years. It is called Heartbleed: and is a bug that is affecting websites that us OpenSSL web encryption.
It is not known how widely the bug has been exploited, if at all, but what is clear is that it is one of the biggest security issues to have faced the internet to date.
Security expert Bruce Schneier described it as “catastrophic”. He said: “On the scale of one to 10, this is an 11.”
The list of affected websites include: Facebook, Instagram, Pinterest, Tumblr, Google (inc Gmail), Yahoo (inc Yahoo mail), Amazon web services, Etsy, GoDaddy, Flickr, Minecraft, Netflix, Youtube, Dropbox…. And more.
If you use any of these sites, you should definitely update your passwords for affected sites as soon as possible. It’s also a good idea to update your passwords on non-affected sites if you use the same password for an affected site.
For example, LinkedIn wasn’t affected, but Facebook was. So if you use the same password for LinkedIn as you do for Facebook, it’s a good idea to change both passwords. This is because a hacker may have your facebook password and guess that it’s the same password you use for other accounts
The full list of affected sites can be found here: