Heartbleed is a fatal security flaw in the open source web encryption software OpenSSL. And because of OpenSSL's widespread adoption, it is estimated that around 66% of the world's web servers are affected. We reported about this earlier this week, but very briefly, it allows a hacker to trick a web server into handing over contents of its active memory. In it could contain potentially valuable information such as userids, addresses, passwords, credit card information and more.
The most problematic thing about Heartbleed is that breaches are impossible to detect and this bug has been in existence for over two whole years.
It gets worse for users, because until affected websites come clean and state that they have already rectified the problem on their end, there is little users can do to protect themselves. This is because even if they change their passwords at an affected website now, without the affected website first confirming that they have fixed the problem, hackers could have already obtained the security keys and the new password would remain vulnerable to hackers.
To help users keep track of what passwords do require changing and when they can be changed, Mashable has come up with this handy list. Some popular websites and services that require your immediate attention are as follows:
For a more comprehensive and extensive list, hit the source link below.