Internet blog users have recently been advised to immediately change their password information due to a bug known as “Heartbleed.” The bug has been recently been discovered as gaining access to OpenSSL, a technology used by many online services, which may be leaving user data all across the Internet very vulnerable to hackers. This new information has caused havoc for Tumblr business – the company is urging users to change their passwords immediately, as hackers now have the possibility to retrieve code from websites, giving them access to user data and passwords, using the popular Open SSL security library. Not seeming to be so secure now! This lock icon has been a trusted method for using password storage, personal emails, safe credit card info, but unfortunately, was actually making all that private information accessible to anyone who knew about the exploit, which Tumblr blogged about.
The bug affects only 1 version of open SSL, and a fix for the problem has been issued. Tumblr is urging users to take a few minutes out of their day to secure their safety by changing their passwords. The bug was covered by Neel Mehta of Google’s security team and ones at Codenomicon, a security website created that also created a website with info about ‘Heartbleed.’ This vulnerability was only recently discovered – this affected version of OpenSSL has been around for a whole two years! On the bright side, there is still uncertainty around whether these hackers have even used the bug to steal data from any forms being used by open version of OpenSSL. In other words, though the hackers and bugs have been discovered, it isn’t necessarily positive that any data HAS been stolen or advantage has even taken from any forms being used by this open version of OpenSSL. This could be a big opportunity for loss of users and loss of business for Tumblr, whose users, uncertain for their prinvacy and Internet safety, may lose the trust in the blogging service and other OpenSSL services.