Unless you’ve been unplugged the last 24 hours, you’ve heard the breaking news about the biggest security flaw to hit the Internet – the Heartbleed bug. The Internet encryption vulnerability impacts all websites using Open SSL encryption, which is about two-third of all websites currently online.
The announcement has caused widespread fear, with people questioning if their passwords, and personal and credit card information has been left vulnerable after years of online purchases and electronic banking.
A slew of heavy hitters, including Google and Facebook, say they’ve implemented a patch to prevent any further issues. But it has crippled others, including the Canada Revenue Agency (CRA), which was forced to shut the public section of its website down during busy tax filing season. The CRA doesn’t yet know if any sensitive data has been compromised.
However, some security experts are skeptical of the quick fix, and remain unconvinced it will remediate the issue.
So what can you do to protect yourself? Experts say immediately changing passwords won’t do anything if the website in question hasn’t implemented the patch. According to the Globe and Mail, you should change your password immediately for the following sites, which have already been updated:
– Yahoo mail
To check if a site is still vulnerable, you can use the online tool at http://filippo.io/Heartbleed/
*Source: Globe & Mail