A major security flaw called Heartbleed was recently discovered by a researcher at Google and a Finnish security firm called Codenomicon.
This issue is a flaw in OpenSSL, which is the encryption technology that more than 60% of the websites on the Internet, including HealthUnlocked, use. Websites that use this encryption technology are usually indicated by a lock icon in the browser so that visitors know that their details are protected and hidden.
Heartbleed was caused by a small coding error in OpenSSL the consequences are important. Though the risk is minimal, there is the chance that someone could have exploited the bug to capture some of your personal information like passwords.
Here at HealthUnlocked we already fixed this error and for added measure we made every member logout so that they have to login again. Websites around the world are in the process of releasing similar fixes to their respective platforms. Additionally, we strongly recommend that everyone does the following:
- log out from any websites where you selected ‘keep me logged in’ and log back in
- update all your passwords
Click here for 3 tips to quickly create a strong and secure password for your online accounts.
If you’re interested in a technical explanation of Heartbleed, here’s a very clear video by Zulfikar Ramzan, MIT Ph.D. and CTO of a cloud security firm called Elastica.