Heartbleed is the latest and “greatest” encryption bug that has infected many major websites’ private information.

How it works

Websites with secure data have something called an “SSL certificate”. An SSL certificate encrypts important data, such as passwords, credit card information, and more, to protect against thieves and hackers. There are many types of SSL certificates, and “OpenSSL” is one of them. Unfortunately, websites with OpenSSL were attacked by Heartbleed and sensitive information may have been stolen.

Which websites were affected?

Mashable has an article that thoroughly outlines which major websites (from eCommerce stores to banks) were and were not infected and whether a security patch has been released.

Here is a short list of major websites that were affected:

• Google
• Yahoo
• Amazon
• GoDaddy
• Intuit/TurboTax
• Dropbox
• LastPass

What do I need to do?

The first thing you need to do is change your password. Although a complex password most likely can’t protect against a bug like this one, it’s important to create a password that cannot easily be guessed. Please refer to our article on top 10 internet security tips for creating your new password.

Conclusion

Heartbleed is a critical bug, but thankfully, major companies are releasing information about what they are doing to protect against it and whether or not they were affected. Stay informed with the latest news through our Facebook page and Twitter.