February 20, 2013
I read an article this morning about the HeartBleed bug in a type of encryption technology used to ensure your account information and passwords are secure on the internet.
It seems that yesterday it was publicly revealed that 66% of web sites have this bug and have had it for the past 2 years. I e-mailed all the institutions I bank with or make on-line purchases through to see if I have been vulnerable. Some like Hubert, Accelerate, Peoples Trust, Paypal, Ebay, and Amazon have responded that they do not use this technology and therefore I was not vulnerable. I found a tool you can use to check out HTTPS links to see if they are vulnerable.
I tried it on Tangerine Bank earlier today and it came back as vulnerable. Just a few minutes ago I tried it again and they now seem to have fixed the vulnerability? The recommendation from some of the articles I read talks about changing all your passwords for sensitive accounts once you know the site is no longer vulnerable. I guess if the site never used the flawed technology you don't have to?