Yesterday, I sent you an email with links to two New York Times articles alerting you to change passwords to your critical websites when you are notified that they have corrected the “Heartbleed” security flaw that affects all secure websites. For all you Cursillo “techies” out there, here’s a link in today’s New York Times that explains how the flaw developed: http://bits.blogs.nytimes.com/2014/04/09/qa-on-heartbleed-a-flaw-missed-by-the-masses/.
Within that news article you’ll find this link where you can input your critical website addresses to see if the security flaw has been fixed (just in case your shopping, personal, and financial websites do not alert you): http://filippo.io/Heartbleed/. Once you know the fix has been made to a particular website, you can then change your password to that website to prevent hackers from using previously stolen information from being used against you (like emptying out your bank, savings, and retirement accounts and running up your credit cards).
I just tested all of my critical websites, and it looks like they have fixed the security flaw, so I changed all of my passwords. Since any personal data you’ve ever entered online in the past two years is at risk (including Social Security numbers), it would be wise to also request a free annual credit report from the three major credit bureaus to ensure no bogus accounts have been set up in your name (see: http://www.fdic.gov/consumers/consumer/news/cnwin0203/three.html). This is all so time-consuming, but as the saying goes, “An ounce of prevention is worth a pound of cure”.
Within that news article you’ll find this link where you can input your critical website addresses to see if the security flaw has been fixed (just in case your shopping, personal, and financial websites do not alert you): http://filippo.io/Heartbleed/. Once you know the fix has been made to a particular website, you can then change your password to that website to prevent hackers from using previously stolen information from being used against you (like emptying out your bank, savings, and retirement accounts and running up your credit cards).
I just tested all of my critical websites, and it looks like they have fixed the security flaw, so I changed all of my passwords. Since any personal data you’ve ever entered online in the past two years is at risk (including Social Security numbers), it would be wise to also request a free annual credit report from the three major credit bureaus to ensure no bogus accounts have been set up in your name (see: http://www.fdic.gov/consumers/consumer/news/cnwin0203/three.html). This is all so time-consuming, but as the saying goes, “An ounce of prevention is worth a pound of cure”.