A newly discovered security bug nicknamed Heartbleed has exposed millions of usernames, passwords and reportedly credit card numbers — a major problem that hackers could have exploited during the more than two years it went undetected. It’s unlike most of the breaches reported over the past few years, in which one Web site or another got hacked or let its guard down. The flaw this time is in code designed to keep servers secure — tens of thousands of servers on which data is stored for thousands of sites. That’s why some experts were calling Heartbleed the worst bug yet, something that should worry everyone who frequents the Internet or does business on it. It’s as if someone went on vacation not knowing the lock on the front door was broken. Could someone walk in? Yes. Will they? Did they? Who knows.
Also read: Google has patched most of its major services from the Heartbleed Bug at Engadget.
Also read: How Heartbleed Works: The Code Behind the Internet’s Security Nightmare at Gizmodo.
Also read: Heartbleed: How and Why to Change Your Passwords Today at The Wall Street Journal’s Bits Blog.