The Heartbleed bug is a web server exploit that has the potential to compromise your online username and password. It has not been determined that this has actually happened. IT consultant providers have suggested changing all of your passwords.

I suggest you change your password for sites that have banking and credit card information at the very least.

Please Google "heartbleed bug" for more information regarding this latest online threat.

Dana
Lotus of the Villages (Not the flower,the car)

Thanks, Dana. Did the web search and read the links. It appears worthwhile to make some password changes.

I checked with Snopes.com===they tell of this virus. But then I checked with "Truth or Fiction" which is another site similar to Snopes....they didn't have it there. Where did you find out this information???

Here's a link to the story at Cnet

How to protect yourself from the 'Heartbleed' bug - CNET (http://www.cnet.com/news/how-to-protect-yourself-from-the-heartbleed-bug/)

You can find news articles about it doing a search.

So...if you change your passwords, what prevents THOSE passwords from being compromised? When it the possible "threat" over so that you can stay with your newest password?

So...if you change your passwords, what prevents THOSE passwords from being compromised? When it the possible "threat" over so that you can stay with your newest password?

Each banking institution must initiate its own "patch" to fix the problem for them.

I sent an e-mail to my institution asking if they had completed the patch so that my new password would not be compromised.

.

Contact the web site and ask. Are your servers patched to avoid the heartbleed bug? All banks and larger retailers that deal with credit cards will respond. If you there is a small online company you are dealing with it is possible they are not yet aware of this problem.

I watched a segment on this on Fox News earlier today. Unfortunately, I don't know the guest's name. He didn't recommend changing your password. He said you should go to lastpass.com and check out the URL of the site you want to access or to contact them directly to see if they had done the patch.

He was particularly concerned because this is tax season. He said he had contacted the IRS and they didn't know anything about it.

what I do not understand is if the bug sends a false "heartbeat" (per the nightly news) and then scavenges data....what does changing the password inhibit?

There will still be a customer to bank connection via old or new password.....and the false heartbeat invades in either case.

Thus far I haven't read anything that answers my curiosity.

My password is *******. Thinking of changing it to *******

The Heartbleed bug is a web server exploit that has the potential to compromise your online username and password. It has not been determined that this has actually happened. IT consultant providers have suggested changing all of your passwords.

I suggest you change your password for sites that have banking and credit card information at the very least.

Please Google "heartbleed bug" for more information regarding this latest online threat.

Dana
Lotus of the Villages (Not the flower,the car)


Thank you. My husband and I just heard about it for the first time on the evening news.

what I do not understand is if the bug sends a false "heartbeat" (per the nightly news) and then scavenges data....what does changing the password inhibit?

There will still be a customer to bank connection via old or new password.....and the false heartbeat invades in either case.

Thus far I haven't read anything that answers my curiosity.

AFTER you verify that your financial institution has done the patch "fix" THEN you change your password. The patch kills the current heartbeat.

The fear is that your old password may have already been "harvested" by the bug, so if you don't change it after the patch then the bad guys can use it even after the patch is done.

,

AFTER you verify that your financial institution has done the patch "fix" THEN you change your password. The patch kills the current heartbeat.

The fear is that your old password may have already been "harvested" by the bug, so if you don't change it after the patch then the bad guys can use it even after the patch is done.

,

Thanx Carl; just read the article in this AM paper stating exactly that. Now just a matter of contacting those institutions used to see if they have done the fix yet,

Here's an article on cnn.com that lists major sites that have been updated, those not affected, and others with status unknown. They say they will update this page as info comes in.

Heartbleed bug: passwords to change right now - Apr. 10, 2014 (http://money.cnn.com/2014/04/10/technology/security/heartbleed-passwords/index.html?hpt=hp_t3)