Digital Identity Blog

Thought leadership for cybersecurity, fraud and digital channel professionals

Heartbleed Part II: Some Online Passwords That Do and Don’t Need Changing to Relieve Some of the Heartburn Caused by Heartbleed

Posted
ThreatMetrix
By ThreatMetrix
ThreatMetrix®, The Digital Identity Company®, is the market-leading cloud solution for authenticating digital personas and transactions on the Internet. Verifying more than 20 billion annual transactions supporting 30,000 websites and 4,000 customers globally through the ThreatMetrix Digital Identity Network®, ThreatMetrix secures businesses and end users against account takeover, payment fraud and fraudulent account registrations resulting from malware and data breaches.
Follow ThreatMetrix ThreatMetrix's Most Recent Posts:

The Heartbleed flaw: In no time, it went from “That the name of a band?” to “The sky is falling. The sky is falling.” Now, if by chance you’ve been on Mars or in a marketing meeting (or in a marketing meeting on Mars) the last few days, Heartbleed is an encryption flaw in the Open SSL cryptographic software library.

Two-thirds of web servers worldwide use the Open SSL cryptographic software library to connect with end users and guard against digital eavesdropping. While the flaw was just discovered, it has been open to hackers for approximately two years. Best of all (that, of course is sarcasm) if a hacker were stealing data, nobody would know because the flaw made it possible to steal logins and passwords without leaving evidence the hacker was even there.

If you’re over 23 (give or take), you’re aware of the Y2K computer flaw when it was predicted that at 12:01 a.m. New Year’s Day 2000, planes would fall out of the sky, commerce would cease and there would be rioting, looting and chaos worldwide. And worst of all: no 2000 Super Bowl!

The point is no one exactly knows if data has been compromised or if hackers even knew about the flaw. Now, there is a fix and affected companies have either implemented it or are in the process of implementing it.

Mashable.com surveyed some of the most frequented sites on the web to find out the status of their fixes and whether they advised customers to change their passwords. Following is a partial list. You may find their complete list on mashable.com, “The Heartbleed Hit List: The Passwords You Need to Change Now.”

ThreatMetrix
By ThreatMetrix Posted