IT Support, Oxford, London & Reading

We look after your IT so you don't have to

Security Alert: Change your passwords

Published:

Chances are that you got up this morning to news of "Heartbleed", a serious flaw affecting millions of websites across the world. You may have even received a number of emails from various online service providers telling you that they have successfully patched their servers to correct the problem.

But what is Heartbleed?

A serious problem with encryption

To keep your sensitive information (like credit card numbers and address details) safe from criminals, website operators typically encrypt data as it passes over the Internet. Your web browser establishes a secure connection to the website using a technology called Secure Sockets Layer (SSL) - you should see a padlock icon in the address bar of your browser when communicating via SSL.

The SSL connection acts like a secure pipe between your computer and the website, so that should someone successfully intercept your web traffic, they will not be able to read it. Your data remain safe whilst in transit.

The OpenSSL factor

The Heartbleed problem is caused by a flaw in the software that many websites use to create SSL connections. Although the encryption works flawlessly, there is a problem with the way that unencrypted data is stored on the website, potentially leaving it open to theft by cybercriminals.

Perhaps most concerning is that although the Heartbleed vulnerability has only just become common knowledge, the flaw has been installed on millions of websites for up to two years already.

Among the sites identified as having problems were Google, Facebook, Tumblr, Yahoo and Gmail.

What can you do?

Ultimately, responsibility for patching the OpenSSL flaw lies with website operators, many of whom have been working around the clock to fix problems.

However due to uncertainty about just how long many of these websites have been exposed means that some of your account data could already be compromised. As a result, Get Support are advising all of their customers and blog readers to change their website passwords immediately.

Although many website operators have been admirably open about problems they have encountered, some have refused to comment about whether they have been affected or not. Apple, Ebay and Evernote are among the organisations remaining tight-lipped about whether their clients have been affected.

Some good news

Microsoft do not use OpenSSL for Office 365. This means that Office 365 users have nothing to worry about because data stored in Office 365 accounts has never been exposed by the Heartbleed vulnerability. It's also good news for those businesses using Small Business Server on-site, they are unaffected. However if you have used the same password for Office 365 or your Office network that you use for other websites that may have been compromised, then we recommended changing your password and suggest not sharing passwords between websites and / or your office network.

If you are concerned that your business may have been affected by the Heartbleed flaw, or need assistance with securing your company website and network, give the Get Support team a call now on 01865 594000.

 

Get your instant IT support quote

Its a really quick and simple process. We have a few questions that will take you a couple of minutes to answer. Our system will generate your quote customised to your requirements and send it straight to your email. Click here if you'd like to read about our IT Support service.

What type of customer are you?

Contact Get Support

Get Support IT Services, we look after your IT so you don't have to Call us: 01865 59 4000

We use cookies to improve your experience on our site, measure the effectiveness of our marketing and to better market our services to you in the future. To accept the recommended setting, please click Accept or continue to browse this website. For more information & settings, click here to view our cookies policy
Thank you for accepting the recommended cookie settings, have been applied. You can change the settings from our Cookie Policy page.