Monday, April 21, 2014

'Heartbleed' checkup with votetrends

On April 7, 2014, the Heartbleed vulnerability was revealed to the world community. Discovered by Codenomicon employeed Rku, Antti and Matti and Google employee Neel Mehta, the bug enabled hackers to potentially retrieve sensitive user data entered into websites, emails and mobile applications. The Heartbleed bug involves a memory handling error in OpenSSL encryption. OpenSSL is a widely used Internet protocol which enables web and mobile users to securely transmit data and information through “secure sockets layer”.

As ubiquitous as this vulnerability is, luckily there have only been several instances of data theft. For example, the Canada Revenue Agency reported loss of 900 taxpayer social insurance numbers and the parenting site Mumsnet had several user accounts stolen. Other big companies such as Instagram, Facebook and Google have been affected by the Heartbleed vulnerability. Many of these companies have already released patches that protect its users against this vulnerability.

Heartbleed: The latest cyberattack to hit the global network
To protect yourself, we here at votetrends advise you to change your passwords once the website has announced a fix. We advise you to keep your bank account and email passwords different from the ones you use to access social media websites. Over the next 2-3 weeks, it is important to monitor your sensitive accounts. Lastly, if offered you should choose options that enable you, the user, to have multiple layers of security such as double verification.

Here at votetrends, we value everyone’s right to privacy. We can proudly claim that Heartbleed has not affected our users. 

We are more concerned about you: Have you been affected by Heartbleed? While we aren't certain to what extent the damage has been done, we can be certain of knowing that this will not be the last attempt by hackers to access sensitive personal data at a global level. The best way to protect yourself is by remaining vigilant and keeping your personal information... personal.

No comments:

Post a Comment