Worldwide Cyber Breach Puts Information of Millions at Risk

[ Return to Our Blog ]

ID-100109602Better change those passwords. Now. A recent massive security breach perpetrated by cyber thieves has put sensitive information including passwords, credit card information and other data at risk for nearly a billion Internet users worldwide.

 

The threat, which is being called “Heartbleed,” was discovered by a small team from the Finnish security firm Codenomicon. Hackers had cracked the encryption technology used to protect online accounts for emails, instant messaging and a wide range of electronic-funds transfer.

 

The threat went undetected for more than two years, according to the Associated Press. “I don’t think anyone that had been using this technology is in a position to definitively say they weren’t compromised,” David Chartier, Codenomicon’s CEO, told the AP. Further, it’s impossible to know whether an individual’s security was compromised as it would not have left a distinct digital footprint, experts say.

 

Yahoo Inc., which has than 800 million users worldwide, is among the Internet services that could potentially be affected. The Sunnyvale, Calif., company said in a statement Tuesday that most of its most popular services had been “fixed,” but there’s no way of knowing whose accounts may have been compromised. According to the AP, Heartbleed creates an opening in SSL/TLS, an open-source encryption technology marked by the small, closed padlock and “https:” on Web browsers to signify that traffic is secure. The flaw makes it possible to spy on Internet traffic even if the padlock had been closed. Perpetrators could also steal the keys for deciphering encrypted data without the website owners knowing the theft had occurred, security researchers say.

 

About two-thirds of Web servers rely on OpenSSL.

 

Now is a good time to change your most critical passwords, as many sites have now installed the Heartbleed “fix.” Changing one’s password too soon after a breach could do you no good, experts say, if the affected site is not yet clear of issues.

 

Image credit: foto76 / FreeDigitalPhotos.net

Contact Us

For more information, contact us today! Our Risk Advisors and Employee Benefit Consultants are available to answer any questions you may have. We look forward to working with you!

Subscribe

For the latest updates on pending legislation, emerging risks and other vital issues that impact your business, subscribe to our Risk Advisor & Benefits Advisor newsletters.

Seminars

Find an upcoming Loss Prevention Seminar near you! View our full schedule of Loss Prevention Seminar topics for information about our Loss Prevention Services.


Learn more about how Tolman & Wiker helps our clients succeed by lowering their total cost of risk:
Our Process | Performance Based Insurance


Blog Topics: [ Employee Benefits ] [ Health & Wellness ] [ Property & Casualty ] [ Risk Management ] [ Leadership ] [ Security ]

Blog | No Comments

Comments are closed.