Internet security flaw, Heartbleed bug, puts millions at risk

The Heartbleed bug affected hundreds of millions of websites exposing usernames, passwords, encryption keys, and other sensitive data.

The bug gave hackers the ability to extract massive amounts of data from sites used everyday.

Friday, ABC 17 News confirmed the bug has been fixed, though passwords could still be at risk.

The sites affected include facebook, Gmail and pinterest, as well as online banking sites.

The Heartbleed bug provided an opening for hackers to get personal information.

They used a hole in security system’s protection wall to gain access.

The problem was the system called open SSL which is used by most well-known sites from facebook to banking.

At least two thirds of the web was considered insecure.

Nathan Canfield the owner of Nathan’s computer repairs visually explained what the bug does.

“When you’re signing in with your password your essentially putting it in a secure envelope,” said Canfield.

That information safely gets to where it needs to be. However, the Heartbleed bug provided a window in that envelope for hackers.

“It created a hole or a breach that allowed for 64 Killabits of information to be leaked,” said Canfield.

If your password fit perfectly in that window, hackers could have gained access to your information.

“They discovered it Monday, it wasn’t hacked for very long. They already released patches for it,” said Canfield. That means the window is now closed, but your password could still be in the hands of hackers.