Some big sites that use SSL encryption have been exposed to a security bug called ‘Heart Bleed’ last week. Sites affected, or possibly affected, include Pinterest, Gmail, WordPress, and Etsy. Possible consequences of account hit could be disclosure of personal information, even in some cases for instant messaging apps. However, this should not be cause to panic! All of these big service providers, from Google and Twitter, to WordPress have basically sorted the problem out and are advising people to check or change their passwords and report any strange occurrences back to their help desks. To be honest, you don’t really need to know how or why this bug works, so this post is just about practical steps you should take to protect your blog and social media accounts. Here is the Bloggers’ Lounge overview of the most popular accounts and services that have been affected, and whether you should change your password:
Account |
Affected? |
Change Your Password? |
|
|
No |
No |
|
|
Yes |
Yes |
|
|
Yes |
Yes |
|
|
Yes |
Yes |
|
|
No |
No |
|
WordPress |
Unclear |
Unclear (wait for notification from WordPress) |
|
Tumblr |
Yes |
Yes |
|
Gmail |
Yes |
Yes |
|
Hotmail |
No |
No |
|
AOL |
No |
No |
|
Etsy |
Yes |
Yes |
|
Amazon |
No |
No |
|
Flickr |
Yes |
Yes |
|
Dropbox |
Yes |
Yes |
|
YouTube |
Yes |
Yes |
|
PayPal |
No |
No |
|
|
Yes |
Yes |
|
Netflix |
Yes |
Yes |
There is a useful article you can read here about the Heartbleed bug and how it works, and also a great reference sheet with a HUGE list of all the sites affected. Most of these big tech companies patched up the problem before anything bad happened, but it is important for you to wait until the experts have sorted everything out THEN change you password. If you are in any doubt, tweet or email the service provider!
I hope you found this post useful – remember to change your passwords! #bloggerproblems
No comments yet.