The “Heartbleed” computer bug allows hackers to steal your passwords from ‘secure’ online sites – all without leaving a trace. It has come to light that the NSA has apparently been using this ‘bug’ to spy on Americans.
This “bug” has been out there for two years, yet has just now become generally known. The vulnerability – in a widely used Web encryption program known as OpenSSL – allows hackers to steal data from thousands of sites, email, and web traffic. OpenSSL is also found on many email servers, phones, PCs, and security products such as firewalls. Many sites, such as Google, say they have already patched their system, so users’ passwords, etc., are safe there. Thousands of other sites are still vulnerable until they are patched or their security software is patched.
Users are urged to check with their email, cloud storage, credit-card, and banking sites to see if they should change their passwords. If you are unsure, it is nevertheless always good practice to change your passwords at least once a year.