Following the buzz that has been created by the exposure of the Heartbleed OpenSSL bug most people appear to have written it off as something that does not necessary affect them in a direct way, right? Wrong.
An article we ran yesterday highlighted how web administrators need to urgently patch their sites as a response to the bug. However, every site that was exposed to this bug still puts any of the users who have accessed it with password access at risk.
If the fact that Heartbleed is being touted as the biggest online scare in ages does not make you a bit uneasy, consider the statements that have been released by a host of online services that most of us use every day.
Mashable contacted several online service providers to confirm exposure to Heartbleed identifying some of the sites and services that require you to consider taking action. Though it’s not certain that your details might be manipulated through this bug, the risk of exposure is worth considering a password change.
Judging from facts on local website popularity, the biggest claim of potential casualties is Facebook. In the same reference article the largest social network was quoted as saying “We added protections for Facebook’s implementation of OpenSSL before this issue was publicly disclosed. We haven’t detected any signs of suspicious account activity, but we encourage people to … set up a unique password.”
Gmail is reported as having been affected by the bug though they promptly updated their server with a security patch. Other services from Google also affected include YouTube, Google Play and Google Search although Google Chrome was not exposed. Google has assured its users that a password change is not necessary.
Yahoo services such as Yahoo Mail, Yahoo Finance, Flickr and Tumblr were exposed but just like every other major service provider they have updated their servers with a security patch. Other services that were affected but managed to respond with updates include Amazon Web Services, SoundCloud and Dropbox. A password change for all these websites would put you in a safer position.
It’s never clear whether or not a web user from Zimbabwe is at risk when something with a global impact affects internet users, but as long as the risk of security breach exists taking precautionary measures is always a safe bet. Since changing your password from time to time is something that everyone should be doing anyway responding to this bug should not be such a difficult thing.