TalentZoo.com |  Beyond Madison Avenue |  Flack Me |  Beneath the Brand Archives  |  Categories
Heartbleed Hell
By: Victoria Hoey
Bookmark and Share Subscribe to the Digital Pivot RSS Feed Share
Settle down, all you Chicken Littles out there. The sky is not falling. The Internet just experienced a proverbial “contraception failure.” Chances are, you were NOT affected. Here are a few things you should know about the Heartbleed bug.

So far, the first confirmed losses are minimal:
  • The Canada Revenue Agency said that 900 people's social insurance numbers had been stolen. Andrew Treusch, Commissioner of the Canada Revenue Agency (CRA), said government security agencies notified his office "of a malicious breach of taxpayer data that occurred over a six-hour period" last week. Government officials, he added, are combing through CRA systems and "analyzing other fragments of data, some that may relate to businesses, that were also removed." The CRA rebooted its site over the weekend after the patch was installed and the federal police are investigating.
  • Mumsnet (a leading UK site for parents) believes that the cyber thieves may have obtained passwords and personal messages before it patched its site. On Saturday, Mumsnet reset all passwords for its 1.5 million registered members and urges, “If you use the same password here as elsewhere, we strongly recommend you change your password on the other sites, too. **There is nothing more hilarious than the comments made by angry women in the UK. Check out the Mumsnet Talk page.**
It was not the NSA:
Thirty-one-year-old German computer programmer Robin Seggelman has accepted responsibility for the Heartbleed bug. According to a report in the Sydney Morning Herald, Seggelman made the mistake while trying to improve the OpenSSL cryptographic library on 31 December 2011. He said, "It was not intended at all, especially since I have previously fixed OpenSSL bugs myself, and was trying to contribute to the project."

AndROID Rage:
Google still hasn’t patched roughly 35% of the mobile devices running Android Jellybean OS 4.1.1. These phones are slightly older (most came out in 2012). You can check to see which OS your phone is running by simply going to the Settings menu > About Device. Install any available system updates and change your passwords FROM YOUR COMPUTER. There are also free Heartbleed Scanning apps you can download, but they will NOT fix anything. Their sole purpose is to tell you that your system is vulnerable, then get you to buy their protection software! I tested three of them on my Samsung Galaxy S4, got three completely different results, and I am running KitKat (4.4.2).
 
What to do?
1. Don’t respond to any emails that ask you to click a link in order to change your password. All passwords should be changed by visiting sites directly from your desktop.
2. If you have an Android/HTC/LG phone that came out around 2012, check your OS and update as soon as the patch is available.
3. If you are Canadian, keep an eye on the mail. Individuals will be notified by the Department of Employment if there are any concerns regarding changes made to information on SIN records.
4. Never anger British Mums!


Bookmark and Share Subscribe to the Digital Pivot RSS Feed Share
blog comments powered by Disqus
About the Author
Victoria Hoey is a recent graduate with degrees in copywriting and advertising.
Digital Pivot on

Advertise on Digital Pivot
Return to Top