Community > General chatter

URGENT! Heartbleed Bug

(1/2) > >>

DeviantProtagonist:
heartbleed.com



For it not being posted in Project Im@s, I'll leave this here just to make sure everyone's clued in on the circumstances. There's a major security hole that's been around for two years tops, affecting two thirds of the internet due to services that run on OpenSSL. This is very liable to exposing personal information such as passwords, cookies and even credit card numbers. Overall, it is imperative that you change your passwords on important things immediately. To help guide your way, here's a list of major websites that were either hit or missed the bullet.

MetalPredat0r:

--- Quote from: DeviantProtagonist on April 13, 2014, 02:56:40 am ---heartbleed.com



For it not being posted in Project Im@s, I'll leave this here just to make sure everyone's clued in on the circumstances. There's a major security hole that's been around for two years tops, affecting two thirds of the internet due to services that run on OpenSSL. This is very liable to exposing personal information such as passwords, cookies and even credit card numbers. Overall, it is imperative that you change your passwords on important things immediately. To help guide your way, here's a list of major websites that were either hit or missed the bullet.

--- End quote ---

Thank you for this! I changed my passwords to prevent this! You are great for posting about this.

DeviantProtagonist:
Glad to help there. The fact a company like Google got affected by this does help convey the extent of this situation.

altuixde:
Note that you shouldn't change your password on, or even log in to, sites that are vulnerable which haven't been patched yet. Fortunately, it looks like most companies patched the vulnerability pretty fast. It's safe to (and necessary that you) change your passwords for sites with a green check mark in the link that Dean provided. However that isn't an exhaustive list—there may be other sites that you need to change your password on. If you receive a legitimate email asking you to change your password for a site, then you should do so. Oddly, I've only received one email warning about heartbleed, and that was from the fastmail.fm email service.

Edit: Twitter doesn't have a green check mark in the list, but they did apply a patch so it's safe to log in and change your password there.

JNiles:
Just noticed a suspicious and HUGE transaction on my credit card... some bastard ordered up a gigantic cash advance on it.  I reported the fraud and closed the account.  The timing is right around the time of the Heartbleed announcement... but I only just saw my bill just now.  Anyway, changing passwords starting with the most important ones. -_-;;;;

Navigation

[0] Message Index

[#] Next page

Go to full version