IT Support in Seattle

Enter Your Information Below To

Book a Complimentary Review.

















CyberStreams will never sell or rent your contact information. Your info is secure with us.

The Reality of Heartbleed

By:Christine Fettinger

Information regarding the Heartbleed vulnerability is completely scattered with inaccurate misconceptions. Every major news outlet is writing their share of media with no solutions. In fact the media has misidentified this Heartbleed bug as a “virus”.

Defining Heartbleed:

Heartbleed is a vulnerability in OpenSSL security (used frequently in secure websites; such as banking, healthcare, etc.)

Just today (as of writing this) a Heartbleed attack has already affected the Canadian tax agency by delaying their tax-return deadline for a week.

Typical information types targeted include:

  • Personal information including address, phone numbers, and contacts
  • Financial credentials such as tax, accounting, credit card, bank accounts, and payment information
  • Confidential business documents pertaining employee, tax, and client information

What’s next?

Small and medium sized businesses are recommended to assess their network security devices used to remotely access office networks. Such devices used in transition for passwords and usernames should be inspected and monitored. Manufacturers in the process of providing updates with security patches should be implemented immediately. (need help with this?)

Safety Precautions

From a business perspective, no company wants to be identified as being vulnerable to the Heartbleed bug.

Most companies have already implemented security protocols. However, you will still want to schedule routine password changes with a unique password. (It is advised not to use the same password for multiple websites)

In particular, consider the following list and change passwords appropriately. If the service is not available for patching, you’ll want to change your password again after they fully resolve the vulnerability.

List of Major Affected Websites (as of 4.17.14)

Social MediaShould You Change Your Password?Patched?
Facebook and InstagramYesYes
Twitter and VineYesNo
PinterestYesYes
Google Plus and YouTubeYesYes
TumblrYesYes
LinkedIn and SlideshareNoNo
EmailShould You Change Your Password?Patched?
GmailYesYes
Yahoo MailYesYes
AOLNoNo
Hotmail and OutlookNoNo
Financial InstitutionsShould You Change Your Password?Patched?
Bank of AmericaNoNo
ChaseNoNo
E*TradeNoNo
PNCNoNo
TD AmeritradeNoNo
American ExpressNoNo
Capital OneNoNo
Government and TaxesShould You Change Your Password?Patched?
1040.comNoNo
FileYourTaxes.comNoNo
H&R BlockNoNo
Healthcare.govNoNo
IRSNoNo
TaxACTNoNo
USAAYesYes
TurboTaxNoNo
Other Popular Sites and Companies
Should You Change Your Password?Patched?
AmazonNoNo
Amazon Web ServicesYesYes
AppleNoNo
MicrosoftNoNo
eBayNoNo
DropboxYesYes
GoDaddyYesYes
SoundCloudYesYes
WordPressYesYes
YahooYesYes

As always CyberStreams can provide assistance for vulnerabilities such as these. Creating an action plan for future attacks is necessity towards safeguarding data information. Give us a call at:(425) 2_74-1121