image-change-passwords-heartbleedBy now, you’ve probably already heard of the web server vulnerability dubbed “Heartbleed”.  There is a lot of confusing info about it out there in the wild.  We thought we’d summarize it for you:

What it is?  A bug on some web servers that that can allow the attacker to obtain sensitive user information in a server’s memory including usernames, passwords and credit card numbers from a website.

How do you know if a website is or was affected?  Short answer, you don’t.

Some of the websites that appear to have been effected include Yahoo, Tumblr, and email servers such as Gmail. Here’s a list of major websites and their status for your reference.

Most of the affected sites are applying or have already applied the corrective patch.  However, you should check a website before logging on

You can check a website on an individual basis here.  

Even if the website you check comes back as “All good”, caution is still advised. If the website, a red flag, avoid the site for now.

So, it’s “All good”, now what?  Change your password anyway.

The website is “All good” now but it doesn’t mean that it wasn’t previously affected by the vulnerability.  As a safety precaution, we are recommending:

1.  Check the website status to determine if it’s clear and then
2.  Change your password regardless.

Still have questions?  Feel free to give us a call.