Tags: heartbleed | bug | steals | passwords | user | names

'Heartbleed' Bug Steals Passwords, User Names by the Millions

By Alexandra Ward   |   Wednesday, 09 Apr 2014 07:05 AM

A newly discovered security breach dubbed the "Heartbleed" bug has been stealing user names, passwords, and other private information from millions of Internet users for the past two years, tech experts revealed Monday.

The Heartbleed bug exploits a weakness in a software program called OpenSSL, which is commonly used by websites like Yahoo, Flickr, and Imgur to encrypt sensitive information, according to The Washington Post. What's most frustrating, however, is that the Heartbleed bug leaves no trace so there's virtually no way of knowing how many people's online accounts have been compromised.

"You should care about this because — whether you realize it or not — a hell of a lot of the security infrastructure you rely on is dependent in some way on OpenSSL," Matthew Green, a cryptographer and research professor at Johns Hopkins University, wrote in a blog post on his website this week. "This includes many of the websites that store your personal information. And for better or for worse, industry’s reliance on OpenSSL is only increasing."

Urgent: Do You Approve Or Disapprove of President Obama's Job Performance? Vote Now in Urgent Poll

Top websites like Facebook, Google, Wikipedia, Amazon, Twitter, Apple, and Microsoft are not "vulnerable" to the Heartbleed bug, Yahoo Tech noted.

Still, experts say the bug is among the most serious security breaches in recent years.

"Once an attacker has a website's encryption keys, anything is fair game," Yahoo Tech reported. "Instead of slipping through a proverbial crack in the wall, he can now walk in and out the front door."

So what should Internet users do if there's no way of knowing they've been targeted?

"I would change every password everywhere because it's possible something was sniffed out," Wolfgang Kandek, chief technology officer for Qualys, a maker of security-analysis software, told The Associated Press. "You don't know because an attack wouldn't have left a distinct footprint."

Urgent: Assess Your Heart Attack Risk in Minutes. Click Here.

© 2015 Newsmax. All rights reserved.

1Like our page
2Share
TheWire
A newly discovered security breach dubbed the "Heartbleed" bug has been stealing user names, passwords, and other private information from millions of Internet users for the past two years, tech experts revealed Monday.
heartbleed,bug,steals,passwords,user,names
324
2014-05-09
 

Newsmax, Moneynews, Newsmax Health, and Independent. American. are registered trademarks of Newsmax Media, Inc. Newsmax TV, and Newsmax World are trademarks of Newsmax Media, Inc.

 
NEWSMAX.COM
America's News Page
©  Newsmax Media, Inc.
All Rights Reserved