Madison
15° F
Overcast
Overcast
Advertisement

Security bug Heartbleed takes over Internet

Published On: Apr 10 2014 09:59:37 PM CDT   Updated On: Apr 11 2014 07:27:09 AM CDT

A security bug set off a storm of worry across the Internet this week. Its name is Heartbleed and it could make websites vulnerable to hackers.

MADISON, Wis. -

A security bug set off a storm of worry across the Internet this week. Its name is Heartbleed and it could make websites vulnerable to hackers.

One data analysis website found more than 17 percent of the top 1 million sites on the web may have been exposed.

The bug compromised web encryption technology used on popular websites, potentially exposing personal information to hackers. But security experts said users shouldn't change their passwords just yet.

“I’m a bit obsessive about technology, so I’ve read quite a bit,” University of Wisconsin-Madison professor Jerome Camal said. “You have to take all of these things very seriously.”

Hackers took advantage of a leak in a system called OpenSSL that many major sites use to encrypt data. They tricked a server into turning the encrypted gibberish into readable information. Two-thirds of websites may have been vulnerable to this flaw.

The problem has persisted for two years and security experts had no idea.

“It was a badly written piece of code in that application and somebody figured out, 'If I do this, I can see all of this,'” said Madison College Information Security Director Mike Masino. “Theoretically, you could have gotten your username and password stolen any time throughout that this has been vulnerable.”

If you want to change your password, experts suggest holding off while websites big and small work to patch the problem.

Paypal, Chase and LinkedIn said they weren’t impacted, while other sites like Google said it has made the appropriate fixes.

“I think people who aren’t paying attention should definitely pay attention to it,” Camal said.

Madison companies UW Credit Union, Cuna and Meriter Health Services said they weren’t affected. But American Family Insurance said its systems that use OpenSSL are either not vulnerable or have been patched.

There is a website available where online users can check to see if a site is vulnerable.

Advertisement
  • Mil debate media gallery main

    Win McNamee/Getty Images

    Clinton, Sanders face off in Milwaukee debate

    Democratic presidential candidates Sen. Bernie Sanders and Hillary Clinton participate in the PBS NewsHour Democratic presidential candidate debate at the University of Wisconsin-Milwaukee in Milwaukee. The debate is the final debate before the Nevada caucuses scheduled for Feb. 20.

  • Wildlife refuge

    CNN

    Oregon armed protesters: What to know

    A 41-day occupation at a federal wildlife refuge in Oregon ended Thursday when the four remaining protesters surrendered to authorities. Here is what to you need to know about the group.

  • Titanic II

    Blue Star Line

    Titanic II: A look inside

    The new Titanic II will be practically identical to the original luxury liner, which famously sank in April 1912 after striking an iceberg on its maiden voyage. Here's a look inside the ocean liner, which is slated to sail in 2018.

  • Audrey

    Audrey

    Look Who's 3

    Check out who's turning 3, and send in your photo.

  • Valentine's Day card

    Valentine's Day

    Gift ideas, getting in the mood, popping the question, recipes and ideas for kids, all in our special section dedicated to Valentine's Day.

  • heart--stethoscope--doctor--medical---21654271

    Healthy Heart

    Tips to stay heart healthy, reducing your risk of heart disease, advice and the latest research on heart health.

Advertisement