If you are still unaware of the issues implied by this flaw in security systems, let’s review them briefly: when first Heartbleed evidence was released, everybody got concerned, of course, with their banking data. According to the reports,
When the Heartbleed bug was exposed on April 8, the Canada Revenue Agency (CRA) immediately took its website down in order to start patching the flaw. But apparently it wasn’t enough — according to a post by CRA commissioner Andrew Treusch, someone still managed to breach the CRA database. During the course of a six-hour period, those people acquired 900 social insurance numbers (Canadian SSNs) by exploiting the Heartbleed bug.
If you felt relief because the Heartbleed affects only websites, hold your breath: one of the most important news of them all was Google admitting a day after the discovery of the Heartbleed that
We’ve assessed this vulnerability and applied patches to key Google services such as Search, Gmail, YouTube, Wallet, Play, Apps, App Engine, AdWords, DoubleClick, Maps, Maps Engine, Earth, Analytics and Tag Manager. Google Chrome and Chrome OS are not affected. We are still working to patch some other Google services. We regularly and proactively look for vulnerabilities like this — and encourage others to report them — so that that we can fix software flaws before they are exploited.
In other words, Google took all the necessary measures to protect its smartphone and tablet Android users, so they don’t feel for themselves the Heartbleed security cyber attacks which indeed can trigger Android users.
But so far, every website started patching and improving its security in order to hold its ground in the face of a potential Heartbleed cyber attack. While us, as customers, can only change our passwords in order to stay safe, some specialists advise us to do this operation carefully, as we might just provide some hackers with fresh and renewed passwords to our accounts. Up to this moment, you can find extensive lists of websites that were affected and weren’t affected by the Heartbleed, so you can make the optimal choice.
However, the Heartbleed exploiters didn’t stop here. Last week, two Heartbleed cyber attacks have been identified in the U.K and Canada: one attack was at the Canadian tax agency and the other at a UK parenting website and rumors have it that hundreds of people lost their personal data in the hands of the attackers. While it is not necessary to become more paranoid than we already are, some anonymous sources say that the NSA knew of this security flaw and let it be, in order to gather intelligence. Stay tuned for more Hearbleed security cyber attacks news and round-ups, as it seems the plot thickens…