Scope (?):  All Topics
Hot or Not?

What You Should Know About "Heartbleed" Bug, and When to Change Your Passwords

submitted on April 10, 2014 by HouTex in "Stores / Merchants"

Sites like Gmail, Yahoo, Facebook, American Express and iTunes may have exposed your username and passwords!
I was happy to learn that many sites like Chase, Wells Fargo, Bank of America, Walmart, Groupon, Amazon, and Paypal were not vulnerable!
The Heartbleed bug compromises the session keys that keep you logged into a website. This allows an outsider to pose as you without needing your passwords, or allow attackers to pose as a real website and trick you into giving up your personal details.

Even worse, the Heartbleed bug leaves no traces so you may never know when or if you've been hacked. According to this article - - most major websites are targets. A survey conducted by W3Techs showed that 81% of sites run on web server programs Apache and Nginx, and both programs are vulnerable to the Heartbleed bug.
Websites are racing to patch the Heartbleed bug, the worst security hole the Internet has ever seen.

As sites fix the bug on their end, you'll have to change your passwords. The Heartbleed bug allowed information leaks from a key safety feature that is supposed to keep your online communication private -- email, banking, shopping, and passwords.

Many companies did not inform their customers of the danger or even ask them to update their log-in credentials. So, here's a handy password list. It'll be updated as companies respond to questions.

Follow the list at this link to change your passwords -

  • 195020
    8 8 2
    Posted by supergirl on April 10, 2014
    [reply] 1 0
    Very vunerable are we ...thanks for sharing the information.
  • 195025
    Posted by YanBz on April 10, 2014 [reply] 0 0
    Buxr is not affected by this particular vulnerability. We are not using OpenSSL, or any SSL for that matter. On the other hand, since we are not using SSL your Buxr login is vulnerable to 'man in the middle' type of attack (since the session is not encrypted). This is nothing particular about Buxr, any site that doesn't use SSL is vulnerable.
  • 195036
    Posted by HouTex on April 10, 2014 [reply] 0 0
    You can minimize your risk by using different passwords on your accounts.
    Then if one account is compromised, the hackers won't gain access to all of them.
  • 195095
    1 6 7
    12 11 2
    Posted by clover on April 11, 2014 [reply] 0 0
    Thanks for the info!

Leave a Comment (members Sign in to comment)


E-Mail (will not be published)

2 x 3 = ?


'Mr Green''Neutral''Twisted''Arrow''Eek''Smile''Confused''Cool''Evil''Big Grin''Idea''Red Face'



Browse by tags