A serious flaw has been discovered in OpenSSL, one of the Internet's key security methods, that's causing concern for about two-thirds of the Internet's websites. Although the nicknamed Heartbleed bug has been around for nearly two years, it has been receiving attention due to some serious cases that have been raised recently.
The flaw had been originally discovered by a group of Finnish security experts at Google last week on Monday. Following this, several large websites, including Facebook and Google, said they were working on a fix.
Related: SQL Server Database Security Reminders & Resources
If your organization has been impacted by the bug, then you might want to take a look at the Heartbleed Bug website, which includes important details on how to stop the leak.
Although the impact of the bug remains unclear, experts are advising to not change your passwords just yet. According to an article by the The New York Times, users should check with different websites to see the status of the fix. If a website is still working to overcome the bug, then changing a password now might be simply handing off a new password to hackers. With that said, it's still a good idea to be cautious as this story continues to develop, as we currently know that users' sensitive information, such as passwords, bank details, and Social Security numbers, could be exploited due to the flaw.
Continue to follow SQL Server Pro for developments on this story.