WATCH TV LIVE

Skip to main content
Tags: heartbleed | bug | steals | passwords | user | names

'Heartbleed' Bug Steals Passwords, User Names by the Millions

By    |   Wednesday, 09 April 2014 07:05 AM EDT

A newly discovered security breach dubbed the "Heartbleed" bug has been stealing user names, passwords, and other private information from millions of Internet users for the past two years, tech experts revealed Monday.

The Heartbleed bug exploits a weakness in a software program called OpenSSL, which is commonly used by websites like Yahoo, Flickr, and Imgur to encrypt sensitive information, according to The Washington Post. What's most frustrating, however, is that the Heartbleed bug leaves no trace so there's virtually no way of knowing how many people's online accounts have been compromised.

"You should care about this because — whether you realize it or not — a hell of a lot of the security infrastructure you rely on is dependent in some way on OpenSSL," Matthew Green, a cryptographer and research professor at Johns Hopkins University, wrote in a blog post on his website this week. "This includes many of the websites that store your personal information. And for better or for worse, industry’s reliance on OpenSSL is only increasing."

Urgent: Do You Approve Or Disapprove of President Obama's Job Performance? Vote Now in Urgent Poll

Top websites like Facebook, Google, Wikipedia, Amazon, Twitter, Apple, and Microsoft are not "vulnerable" to the Heartbleed bug, Yahoo Tech noted.

Still, experts say the bug is among the most serious security breaches in recent years.

"Once an attacker has a website's encryption keys, anything is fair game," Yahoo Tech reported. "Instead of slipping through a proverbial crack in the wall, he can now walk in and out the front door."

So what should Internet users do if there's no way of knowing they've been targeted?

"I would change every password everywhere because it's possible something was sniffed out," Wolfgang Kandek, chief technology officer for Qualys, a maker of security-analysis software, told The Associated Press. "You don't know because an attack wouldn't have left a distinct footprint."

Urgent: Assess Your Heart Attack Risk in Minutes. Click Here.

© 2025 Newsmax. All rights reserved.


Click Here to comment on this article
Share
TheWire
A newly discovered security breach dubbed the "Heartbleed" bug has been stealing user names, passwords, and other private information from millions of Internet users for the past two years, tech experts revealed Monday.
heartbleed,bug,steals,passwords,user,names
324
2014-05-09
Wednesday, 09 April 2014 07:05 AM
Newsmax Media, Inc.

Sign up for Newsmax’s Daily Newsletter

Receive breaking news and original analysis - sent right to your inbox.

(Optional for Local News)
Privacy: We never share your email address.
Join the Newsmax Community
Read and Post Comments
Please review Community Guidelines before posting a comment.
 
TOP

Interest-Based Advertising | Do not sell or share my personal information

Newsmax, Moneynews, Newsmax Health, and Independent. American. are registered trademarks of Newsmax Media, Inc. Newsmax TV, and Newsmax World are trademarks of Newsmax Media, Inc.

NEWSMAX.COM
America's News Page
© Newsmax Media, Inc.
All Rights Reserved
Download the Newsmax App
Apple
Android
Amazon
Samsung
Vizio
Roku
Sony
LG
Scan QR code to get the NewsmaxTV App
NEWSMAX.COM
America's News Page
© Newsmax Media, Inc.
All Rights Reserved