Heartbleed bug – what you need to know.

There is a fair amount of press at the moment around what the media have dubbed a “catastrophic” bug called Heartbleed.  Without getting too technical, the Heartbleed bug exploits a vulnerability in SSL certificates and has the potential to allow websites and servers to leak user details like passwords and credit card details.

Firstly, we want to reassure our clients; we have verified our services are unaffected by this bug and that their data hosted on our systems remains secure.

On a wider scale, we can’t guarantee that other services, such as their own websites hosted elsewhere, or websites they are members of (such as community sites, bank, online shopping etc) will be unaffected.  Our advice would be not to panic, but to follow some simple guidelines that should always be exercised with regards to online security:

• Avoid having one password for every account, particularly accounts with credit card details attached
• Passwords should be complex (include characters, capitals, numbers) but memorable
• If you are concerned that a site you are using may have been compromised, contact the organisation to verify that they have tested and secured your data.  Some may even acknowledge this bug on their websites and provide information about the integrity of their systems, as we are doing
• Be vigilant and monitor credit card statements that you use to monetise your online accounts, such as online shopping sites.  This is a good practice with or without “bugs” being discussed in the media.

If you have concerns, feel free to get in touch to discuss further.  We’re happy to talk through any worries that you may have about this or any other IT security matters.