Mashable Providing a Heartbleed Hit List
Earlier this week, news broke out about a major security flaw called Heartbleed that affected two thirds of the web, allowing hackers easy access to usernames, passwords, and other seemingly encrypted data through an OpenSSL hole. Sites utilizing the OpenSSL protocol have been patching the hole, but very few are actually reaching out to customers to let them know. There's a site to check for Heartbleed vulnerability, but it doesn't tell you if the site you're checking was ever vulnerable, just whether it is or isn't at the time you check. That's where Mashable comes in.
Mashable has compiled a list of some of the major sites, providing the information users need to know:
- Was it affected?
- Is there a patch?
- Do you need to change your password?
- What did they say?
Since the hole has existed for years, despite first being publicly disclosed Monday night, Mashable basically recommends changing the password for any site that was ever affected and patched, even if a site says no data was compromised. If there is a silver lining, the good news is that it appears no major banking or brokerage sites were ever affected, as they all seem to use different encryption and security protocols.