It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
The Heartbleed vulnerability went undetected for about two years and can be exploited without leaving a trace, so experts and consumers fear attackers may have compromised large numbers of networks without their knowledge.
Companies and government agencies are now rushing to understand which products are vulnerable, then set priorities for fixing them. They are anxious because researchers have observed sophisticated hacking groups conducting scans of the Internet this week in search of vulnerable servers.
"Every security person is talking about this," said Chris Morales, practice manager with the cybersecurity services firm NSS Labs
Email providers
Here are the ones that were vulnerable:
• Yahoo Mail: Was affected! But patched. You should change your password.
• Gmail: Was affected! But patched. A Google representative told Mashable you need not change your password. But you should probably do it anyway, just in case.
And the ones that were not:
• AOL: Was not affected. You do not need to change your password.
• Hotmail/Outlook: Was not affected. You do not need to change your password.
Hey, that was a fun round. Now let’s move on to …
Online stores
Here are the ones that were vulnerable:
• Amazon Web Services (for website operators): Was affected. If you use Elastic Load Balancing, Amazon EC2, Amazon Linux AMI, Red Hat Enterprise Linux, Ubuntu, AWS OpsWorks, AWS Elastic Beanstalk, or Amazon CloudFront, you should change your password.
• eBay: Was probably not affected. But you should change your password just in case.
• GoDaddy: Was affected! But patched. You should change your password.
And the ones that were not:
• Amazon: Was not affected. You do not need to change your password.
• PayPal: Was not affected. You do not need to change your password.
• Target: Was not affected. You do not need to change your password.
Tax- and government-related
Here are the ones that were vulnerable:
• Intuit (TurboTax): Was affected! But patched. You should change your password.
And the ones that were not:
• Healthcare.gov: Was not affected. You do not need to change your password.
• 1040.com: Was not affected. You do not need to change your password.
• FileYour Taxes.com: Was not affected. You do not need to change your password.
• H&R Block: Was not affected. You do not need to change your password.
• IRS: Was not affected. You do not need to change your password.
Social networks
Here are the ones that were vulnerable:
• Tumblr: Was affected! But patched. You should change your password.
• Twitter: Unclear. It’s “monitoring the situation.” So maybe wait a few more days and then change your password.
• Facebook: Unclear! It has “added protections,” so it’d be best to change your password.
And one that was not:
• LinkedIn: Was not affected. You do not need to change your password.
Other important websites
Here are the ones that were vulnerable:
• Google: Was affected! But patched. Google says you don’t need to, but just to be safe, you should probably change your password for the following Google services: Search, Gmail, YouTube, Wallet, Play, Apps, and App Engine. Google Chrome and Chrome OS were not affected.
• Yahoo: Was affected! But patched. You should change your password.
• Dropbox: Was affected! But patched. You should change your password.
• OkCupid: Was affected! But patched. You should change your password.
• SoundCloud: Was affected! But patched. You should change your password.
• Wunderlist: Was affected! But patched. You should change your password.
• IFTTT: Was affected! But patched. You should change your password.
• Netflix: Unclear. So maybe wait a few more days and then change your password.
And the ones that were not:
• Apple: An Apple spokesperson told Yahoo Tech that “Apple takes security very seriously. iOS and OS X never incorporated the vulnerable software and key web-based services were not affected.” So, no need to change your password.
• Amazon: Was not affected. You do not need to change your password.
• Microsoft: Was not affected. You do not need to change your password.
• Evernote: Was not affected. You do not need to change your password.
• Dashlane: Was not affected. You do not need to change your password.