The Internet has been going wild this week due to the revelation that a bug, called Heartbleed, had left some of our most valuable information open for two years to hackers who knew about it. Now, it seems, while some hackers may have known about it, the NSA definitely knew about it.
The NSA regularly used the bug to spy on users, and opted to keep it secret for two years in order to exploit it. From Bloomberg:
... the NSA has more than 1,000 experts devoted to ferreting out such flaws using sophisticated analysis techniques, many of them classified. The agency found the Heartbeat glitch shortly after its introduction, according to one of the people familiar with the matter, and it became a basic part of the agency’s toolkit for stealing account passwords and other common tasks.
So, we can't fix the past, but here's what you can do now:
- Change Your Passwords for These Widely-Used Websites Now
- About Heartbleed: The Reason Why You'll Soon Have to Change Almost Every Internet Password You Have