He’s 19 years old, a student of computer-science who reportedly
took advantage of the Heartbleed Internet breach to hack into the Canadian IRS and steal 900 social insurance numbers from the CRA (Canada Revenue Agency). While it has not been clear yet when the theft took place, Canadian authorities promise to notify all those affected.
For sure, there is much more to come as a result and a consequence of…
The Heartbleed bug
A few days back, a massive security bug left much of the Internet
exposed. As we learned, the Heartbleed bug has affected OpenSSL Protocol for about 2 years now.
"The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs)." (Source: http://heartbleed.com/)
According to the Huffington Post, as much as 66 percent of the web may have been compromised by Heartbleed.
How to protect yourself from the Heartbleed hack
Let me tell you upfront, the Heartbleed hack IS a very serious issue with wide ranging consequences. And there is almost nothing that “normal” users can do against it. Being also a global issue, the Heartbleed-bug-cleanup is extremely difficult.
It’s not just your email address you need to worry about. One of the worst parts is the untraceable aspect of the possible “hack”. So stop thinking “that won’t happen to me”. Start protecting your Internet
assets and more importantly, start protecting your identity now.
Here are some steps you should consider:
- emails from people or companies saying “click here” to change your password or update your account information
- phone calls promising to fix your problem but only if you give them your password(s), account access or a credit card information
- phone calls or text messages from unknown people or from weird numbers, especially if your cellphone isn’t widely known.
- Use a reliable Internet security software that helps you clean up your computer.
- Delete all cookies from unknown websites or sites you’ve never visited.
- Run security scans on a regular basis.
- Change your passwords.
All that requires some additional work but if you want to avoid a “Heartbleed hack” you should take action now. Stay safe!
OpenSSL has a critical security vulnerability that needs to be patched right away
Android devices await Heartbleed fix
Half a million widely trusted websites vulnerable to Heartbleed Bug