Important information for you to know about the Heartbleed Bug
In recent days there’s been a lot of attention on the Heartbleed bug. Well, some people have been paying attention to it. If you’re like a lot of people, if you even saw any news on it, your eyes glazed over at the words “encryption,” “patch,” “SSL” and “vulnerability.”
I’m not going to go into all the details, because none of us are interested in the whys and hows and what OpenSSL even is. I’ll keep it simple: there was a hole in our internet, and it had to be patched over. While it was open, data, including your personal information, may have been exposed. (I’m not aware of any reports of actual compromises.)
But listen. This is one time when being vulnerable, especially online, is not a virtue. It’s a real risk.
So here’s what I’m suggesting you do: Set aside a half hour, today, and change passwords on accounts that may have been affected.
The jury is still out on the extent to which WordPress accounts were affected. I strongly recommend you change your WordPress password today. Right now, even. If I have admin access to your WordPress account, I’ll be changing my password to it shortly.
You may have your site hosted through The Willingham Enterprise, which is managed through BlueHost. I am assured they have taken the appropriate steps to apply the patch across all of their platforms. That doesn’t mean you don’t need to do your part, and change your password.
The following accounts are also believed to have been potentially affected, and I suggest you change these passwords right away as well. I’ve obtained this list from a helpful article on Mashable if you’d like to get more information on this issue.
- Twitter (Reports are that its exposure is “unclear.” I’d change it.)
- Google & Gmail
- Yahoo! & Yahoo! Mail
- Amazon Web Services (this is for website operators, not the general Amazon retail site)
- Intuit TurboTax
This is by no means a complete list, but includes some of the most popular platforms and services across the web. If you are in doubt about an account, change your password and/or contact your service provider.
Disclaimer: I am not an internet security expert nor a guarantor of your online security. I am simply passing along information I have obtained as I believe it may be useful to you.
For further reading on this issue:
Heartbleed Hit List: The Passwords You Need to Change Right Now (Mashable)
What WordPress Site Owners Need to about the Heartbleed Vulnerability
Bluehost Update: The Heartbleed Bug and What You Need to Do