April 13, 2014

Share Everywhere

Protecting Yourself From the Heartbleed Bug

As we all know, keeping our passwords and credit card numbers safe is crucial for anyone with an active online life. This week it was widely reported that the notorious Heartbleed Bug had unleashed a problem for millions of consumers who use popular internet sites like Yahoo!, OKCupid, Airbnb, and more. If you have logged into any of those affected sites over the last two years, your personal information including passwords and credit card numbers may have fallen into the hands of cybercriminals.

The general consensus in the Internet security world is that it’s very likely we have all been impacted and “hacked” in some way. This news is quite nerve wracking, but what’s worse is that until the affected internet companies take steps to update their servers against the threat of Heartbleed there is nothing we as consumers can do. It’s only after these updates or “patches” are made that we should change our passwords, according to the experts. But how is a consumer to know if a site has been fixed or not?

One password security firm, LastPass, set up a Heartbleed Checker, which lets you enter the URL of any website to check its vulnerability to the bug and if the site has issued a patch. It’s a good idea to check to see if your online banking site and any and all other sites where you use or store sensitive information is on the clean list.

Mashable.com has compiled this list of popular sites with details whether they were affected by the bug. You can check the list here.

On a brighter note, both the IRS and Google have reported that they were not affected by the attack. That’s a relief as so many people are currently filing their tax returns online this year. Likewise, TurboTax issued a statement this week saying they are protected against Heartbleed. However, we still recommend changing your passwords on these accounts. You can never be too careful when it comes to combatting identity theft.

Until this news about Heartbleed broke, we felt pretty safe recommending shopping and banking selectively online by using only sites that start with https:// or shttp://. But, now it’s widely reported that almost 50% of those sites were vulnerable. The moral of the story is that the criminals never stop trying to access our sensitive information so we need to take steps to protect ourselves. You can check out our recent post for tips on how to be as safe as possible online.

While we still recommend those encrypted sites as the best way to shop safely online, this attack has been a wakeup call for all of us. Heartbleed was able to infiltrate even these encrypted sites. As long as people are banking, shopping, and socializing online, we are all at risk for identity theft.

That’s why taking steps today to protect you and your family from identity theft by signing up for IdentityForce UltraSecure or UltraSecure+Credit is a great way to keep your personal information out of the hands of criminals.

If there is any more news about Heartbleed we will be sure to write about it here, so check back in the coming weeks for updates on further developments.

Image courtesy of Flickr user Snoopsmaus.

David Rabinovitz

Identity Protection Consultant at IdentityForce
David is aligned closely with c-level principals and provides them with coaching services focused on strategy, finance, ownership, deal structuring, and shareholder relationships, which led him to join one of his high-growth clients as their CFO. As a high-energy executive with a wealth of experience, David is a versatile corporate “fireman” who skills are often sought after to assess and resolve complex business challenges, as he brings critical insight for business leaders in transition.He is also a long-standing Special Crew Volunteer for Pan-Mass Challenge, an annual cycling fundraiser that strives to provide Dana-Farber's doctors and researchers the necessary resources to discover cures for all types of cancer.

Join The Discussion

Your email address will never be published.