Protecting Yourself From a “Heatbleed” Security Breech
EAST LONGMEADOW, Mass. (WGGB) — The “Heartbleed Bug” has been making headlines for days, but putting your personal information at risk for years.
Earlier this week, the internet security hole was discovered by a security engineer, and now programers for websites all over the world are scrambling to protect their visitors.
When you hear of an internet security threat, you probably think “virus.” But this time….it’s something different.
“It is not a virus, it’s a glitch in the programing code, and it’s not going to attack your computer,” explained Tyler Brooks, a tech a GoGeeks Computer Rescue in East Longmeadow.
So. if doesn’t wreck your computer, what’s at risk?
“It’s credit card information, it’s telephone information, it’s passwords, it’s what you’ve done on the website in the past,” Ray Ragusa, owner of RAMRay Solutions of Longmeadow, told us.
Basically, hackers use a security loop hole in the a program computers use to communicate, called “OpenSSL.”
It tricks servers into leaking, or “bleeding,” your information.
So that means it’s not really something you could have protected yourself from.
“It’s on a different layer than the normal consumer would have to worry about,” said Brooks.
The bug only affects secure websites, those are websites that begin with the web address “https” like GMail, Facebook, Instagram or eBay.
Not all secure websites use the open version of SSL but many do. What does that mean you should do now?
“Contact any website to which they login. And find out if they use OpenSSL and if they have fixed the bug. If they have, change your password. If they haven’t, changing your password won’t do any good until they fix it,” noted Ragusa.
Ragusa recommends checking out this list.
Experts say you shouldn’t use any site without plans to patch the hole.
If you’ve used sites who have already fixed the problem, double check your credit card statements, and check for identity theft.
According to Bloomberg, the NSA has known about the Heartbleed bug and it’s impact for the last two years.
Two anonymous sources told Bloomberg that the NSA regularly used it to gather critical intelligence.