The Heartbleed bug, which gave nightmares to almost everyone connected to the Internet in the whole world, has made a comeback in headlines once again. After its first introduction in news in April this year, it took only four months for this deadly vulnerability to claim its biggest victim.
America’s second largest for profit hospital chain, Community Health System, falls prey to the Heartbleed bug that makes the hospital’s database vulnerable and becomes a big help in getting it hacked.
The Heartbleed bug allowed Chinese hackers steal secret keys used to encrypt passwords and other information of CHS’s network. The Chinese hackers then gained access to the hospital’s patient data and swept away with the details of 4.5 million patients. The stolen data include names, addresses, social security numbers and birth dates of the patients.
The case of Community Health System becomes the first case when Heatbleed bug was used in hacking and stealing a company’s details.
Talking about the entire saga of this data theft, security firm TrustedSec posted on its blog, “The initial attack vector was through the infamous OpenSSL ‘heartbleed’ vulnerability which led to the compromise of the information. This confirmation of the initial attack vector was obtained from a trusted and anonymous source close to the CHS investigation. Attackers were able to glean user credentials from memory on a CHS Juniper device via the heartbleed vulnerability (which was vulnerable at the time) and use them to login via a VPN.”
As the investigators suggest the Heatbleed bug’s presence in CHS’s systems, there is a high possibility of the bug sitting in many other companies’ hardware.
Here we bring some steps for you to follow in order to avoid becoming a victim of the deadly Heartbleed bug.
Check if Your Frequently Visited Websites Are Affected:
What Website are affected is the question Millions of people are asking on the web since Monday and there is a simple answer to that. Just Go one the below mentioned link and check if the website you visit often is at risk or not.
http://s3.jspenguin.org/ssltest.py
Click on the link and enter the website address to see if you have chances of being exposed? If yes go and change your pass words and clear your direct messages before it’s too late.
Update Passwords of Every Online Account You Own:
Start with your Yahoo account if you have one. Yahoo was once attacked with Heart Bleed bug some 2 years ago and it is clear that it is still venerable. Thousands of Yahoo password have been stolen and chances are your
Be Informed About What Can Get Leaked:
The heartbleed bug website that is designed to help common users understand the effects of the bug says “We attacked ourselves from outside, without leaving a trace. Without using any privileged information or credentials we were able steal from ourselves the secret keys used for our X.509 certificates, user names and passwords, instant messages, emails and business critical documents and communication.”
So know that you know what is at stack save the important document on your PC and delete them from your mail, direct messages if possible.
Avoid Online Banking As Much Possible:
Just because your banking site is not affected from Heart Bleed Bug yet doesn’t mean it’s totally safe to do online banking. Sometimes it takes a while for the bank to realize that they have been hit by the bug and by the time action would be taken your information could be already in hands of the cyber thief.
The best way to keep your bank account safe would be avoiding online banking for a while.
Remove Your Credit Card Details from Online Stores:
Most of us save our credit card information on various online services these days. Be it an ecommerce store or an online video or song streaming service we store our bank details and select auto payment options to save ourselves time and avoid hassle.
With the venerability like Heart Bleed Bug affecting most websites this is not the best time to have your bank account information online. Try to remove your account information from e commerce websites and anywhere else who have stored them on the web to avoid cyber theft.
Avoid Clinking Unreliable Links:
Cyber criminals and hackers often create bogus link and duplicate websites to take advantage of the venerability. To keep your important information safe from cyber crime gang avoid clicking on links that seem unreliable and unsafe. Do not click on a shady link even if it comes from a person you know very well, it could have come from a hacker who have accessed your friends account.
Cut Your Web Usage:
The best way to stay away from this widespread bug is to just keep your web usage as limited as possible. Experts are positive about finding a solution for the bug and it won’t be long before they come up something to make us feel safer on the web but until than try to limit your web time.