Heartbleed Security Flaw

On April 7th, Google's security team issued a press release concerning a security bug that is found in many websites around the world. This bug could potentially expose user information, passwords, credit card info, etc. While a fix has already been released in order to remedy this bug, please be vigilant when using websites that have access to your billing and personal info. Web service providers are hurrying to plug this security hole, but there is no way to know what information was stolen in the meantime.

It is important to understand that this is not a local machine issue. The security flaw is found in many websites online. Because the bug is isolated to websites and does not affect your servers & workstations, it is unlikely that it will affect your business network. In order to ensure your peace of mind, we have a few recommendations to ensure your personal data security at home.

  • Change your password on websites that have your credit card info.
  • Keep an eye on your bank/credit statements for any unusual charges.
  • Change passwords on all websites that were vulnerable to the Heartbleed bug and have been patched. Some popular sites that were affected but have been patched include: Facebook, Dropbox, Google/Gmail, Instagram, Netflix, Pinterest, Yahoo Mail, and YouTube. You can find an updated list with additional sites here: http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/
  • While you are in the process of changing your passwords, take the time to create strong passwords and stay away from using the same password for everything.

We have been taking this latest vulnerability very seriously at Databranch and urge our clients to as well. It can be frustrating when password changes need to be made but the Heartbleed Security Flaw has reminded us all that we can never be too safe online. If you have any questions, please contact Databranch at 716-373-4467 or sales@databranch.com.

For an overview and a more technical Q&A, please see http://heartbleed.com.

used with permission from ITLLC