What can I do to protect myself from the OpenSSL Heartbleed vulnerability when using Internet based services?
The following is information on what you can do to protect yourself from the OpenSSL Heartbleed vulnerability when using Internet based services.
1. Do not log into accounts from affected sites until you're sure the company has patched the problem. If the company hasn't been forthcoming, you can check sites on an individual basis here: http://filippo.io/Heartbleed/, though caution is still advised even if the site gives you an "all clear" indication. If you're given a red flag, avoid the site for now.
2. Once you've got confirmation of a security patch, change passwords of sensitive accounts like banks and email first. Even if you've implemented two-factor authentication - which, in addition to a password asks for another piece of identifying information, like a code that's been texted to you - changing that password is recommended.
3. Don't be shy about reaching out to small businesses that have your data to make sure they are secure. Be proactive about making sure your information is safe.
4. Keep a close eye on financial statements for the next few days. The bug allows attackers to access a server's memory for credit card information, so it wouldn't hurt to be on the lookout for unfamiliar charges on your bank statements.
*For more information on this vulnerability, see http://heartbleed.com
**Portions of this article were taken from http://www.cnet.com/news/how-to-protect-yourself-from-the-heartbleed-bug
Last Updated 10th April 2014 12:34:19 pm
Submitted ByThomas Dixon
Print this page
Email this page
Post a comment
Add to favorites
Edit this Article
Export to PDF
Copyright 2008 California State University, East Bay. All Rights Reserved. • 25800 Carlos Bee Boulevard, Hayward, CA 94542 • phone 510-885-3000