Skip to main content
  1. Tech
  2. Gadgets & Tech
  3. Tech Gear

Major security alert: Most website services affected by 'Heartbleed'

See also

A major security alert that affects most website services including banks, email and social media sites, has been announced after security researchers discovered a security flaw called “Heartbleed”, according to an April 9 report in “The Washington Post”.

“Heartbleed” is a security flaw that reveals user names, passwords, transations and private data to any hacker who knows how to take advantage of this security flaw. It doesn't matter if you surf the web on your iPad, iPhone, iPod Touch, Mac, PC or Android phone—the “Heartbleed” security flaw is in the websites, not in the iPad, iPhone, iPod Touch, Mac, PC or Android browsers that access them.

Specifically, “Heartbleed” is a security flaw in the millions of websites that use SSL, or Secure Socket Layer. SSL is meant to keep communications and data transfers between your computer (or iPad or whatever device that you're using to access the Internet) and a website's server private and safe. Banking, credit card and insurance websites are some examples of websites that use SSL. Any websites that lets users purchase items with credit cards also use SSL.

SSL software comes in different varieties—each with the same purpose—to protect your private transactions and communications. It is the most popularly used variety of SSL, called “Open SSL” that has the “Heartbleed” security flaw.

The scary part is that there is no way to tell if a hacker has been able to see your data through the “Heartbleed” security flaw. Also, other than logging out of a website after a user is done with it, there isn't much that web users can do about this “Heartbleed” security flaw. This is because the “Heartbleed” security problem exists on web servers. Web servers are huge computers that power websites. When you log on to Amazon for instance, you are logging on to Amazon's server.

Web companies are working to install an update to a new version of SSL software, which will solve the problem. Most major websites that use SSL should be fixed soon. Yahoo, for example, has announced that while Yahoo was vulnerable to a “Heartbleed” attack, it has now been patched.

Users can see which websites are still vulnerable to the “Heartbleed” security flaw—and which sites have corrected “Heartbleed”--by visiting this “Heartbleed” test website created by an Italian crypotonographer, although this test is not 100 percent accurate.

Once the website is fixed and no longer vulnerable to “Heartbleed”, users should change the password that they use to log in to that site.

If you enjoy this article about the new, major security alert warning about how most website services are affected by 'Heartbleed', comment and subscribe. Thanks!

Check these out:


Don't Miss

  • Unity
    'Assassin's Creed Unity' preview: Ubisoft comes home to its urban origins
    Games Preview
  • TV remote
    The new Peel app may make you decide to ditch your TV remote forever
    Tech Buzz
  • Destiny
    The 'Destiny' beta: 7 things we absolutely love about Bungie's new franchise
    Games Feature
  • iPhone
    Apple has posted huge profits ahead of the iPhone 6 release
    5 Photos
  • Far Cry
    'Far Cry 4' exclusive: Animals, avalanches, oxygen, side content and much more
    Games Interview
  • Charge phone
    Fact or fiction: Does putting your phone in airplane mode make it charge faster?

Related Videos:

  • Attendees gather at the Apple Worldwide Developers Conference at the Moscone West center on June 2, 2014 in San Francisco, California. Apple CEO Tim Cook kicked off the annual WWDC which is typically a showcase for upcoming updates to Apple hardware and s
    <div class="video-info" data-id="518310091" data-param-name="playList" data-provider="5min" data-url=""></div>
  • Nielsen and Facebook partners to gather Mobile TV viewers information
    <div class="video-info" data-id="518249257" data-param-name="playList" data-provider="5min" data-url=""></div>
  • Apple and IBM Logo
    <iframe width="560" height="315" src="//;allowfullscreen=true&amp;autoplay=1"></iframe>