IT Support in Seattle

Enter Your Information Below To

Book a Complimentary Review.

















CyberStreams will never sell or rent your contact information. Your info is secure with us.

The Reality of Heartbleed

By:Christine Fettinger

Information regarding the Heartbleed vulnerability is completely scattered with inaccurate misconceptions. Every major news outlet is writing their share of media with no solutions. In fact the media has misidentified this Heartbleed bug as a “virus”.

Defining Heartbleed:

Heartbleed is a vulnerability in OpenSSL security (used frequently in secure websites; such as banking, healthcare, etc.)

Just today (as of writing this) a Heartbleed attack has already affected the Canadian tax agency by delaying their tax-return deadline for a week.

Typical information types targeted include:

  • Personal information including address, phone numbers, and contacts
  • Financial credentials such as tax, accounting, credit card, bank accounts, and payment information
  • Confidential business documents pertaining employee, tax, and client information

What’s next?

Small and medium sized businesses are recommended to assess their network security devices used to remotely access office networks. Such devices used in transition for passwords and usernames should be inspected and monitored. Manufacturers in the process of providing updates with security patches should beĀ implemented immediately. (need help with this?)

Safety Precautions

From a business perspective, no company wants to be identified as being vulnerable to the Heartbleed bug.

Most companies have already implemented security protocols. However, you will still want to schedule routine password changes with a unique password. (It is advised not to use the same password for multiple websites)

In particular, consider the following list and change passwords appropriately. If the service is not available for patching, you’ll want to change your password again after they fully resolve the vulnerability.

List of Major Affected Websites (as of 4.17.14)

Social Media Should You Change Your Password? Patched?
Facebook and Instagram Yes Yes
Twitter and Vine Yes No
Pinterest Yes Yes
Google Plus and YouTube Yes Yes
Tumblr Yes Yes
LinkedIn and Slideshare No No
Email Should You Change Your Password? Patched?
Gmail Yes Yes
Yahoo Mail Yes Yes
AOL No No
Hotmail and Outlook No No
Financial Institutions Should You Change Your Password? Patched?
Bank of America No No
Chase No No
E*Trade No No
PNC No No
TD Ameritrade No No
American Express No No
Capital One No No
Government and Taxes Should You Change Your Password? Patched?
1040.com No No
FileYourTaxes.com No No
H&R Block No No
Healthcare.gov No No
IRS No No
TaxACT No No
USAA Yes Yes
TurboTax No No
Other Popular Sites and Companies
Should You Change Your Password? Patched?
Amazon No No
Amazon Web Services Yes Yes
Apple No No
Microsoft No No
eBay No No
Dropbox Yes Yes
GoDaddy Yes Yes
SoundCloud Yes Yes
WordPress Yes Yes
Yahoo Yes Yes

As always CyberStreams can provide assistance for vulnerabilities such as these. Creating an action plan for future attacks is necessity towards safeguarding data information. Give us a call at:(425) 2_74-1121