The Heartbleed bug has been all over the media this week. The reason it’s generating so much buzz is because of its potential large impact. Many large websites have this vulnerability, so pretty much everyone needs to change some, if not all, of their passwords to minimize the impact.
Many websites have come out and said that they have seen no evidence of any access or data breach. However, according to Codenomicon, the organization that announced this vulnerability, an attack may not leave any trace. Therefore, consumers have been warned to change their passwords just to be on the safe side.
There are several lists (list 1 and list 2) out there that show which websites were affected, and which ones were not. I was glad to see that Paypal and my financial institutions were not impacted. However, I did see that Yahoo was affected, and likely Google (Google announced that there is no need to change the Google Account password, though many experts still recommend that you do so) as well. All internet users should check now to see if they need to change the password to any site that they login to.
References:
www.heartbleed.com
heardbleedvirus.com