Heartbleed Computer Security Attack

Heartbleed Computer Security Attack.

What is the openSSL security risk – Heartbleed?

You may have seen on television and across the web that some websites have been compromised potentially releasing personal information, user names and passwords via the secure “encryption” element of a website – you may only see just part of the function on a website as a URL address secure.Domain.co.uk or https:// or a padlock icon confirming that they use Secure Socket Layer (SSL) technology.

The data breach enables the hacker to collect around 64k of data – this is not a lot, around the size of 2/3 Microsoft Word Documents, but is enough data to say collect say 1,000 names, addresses, emails and passwords.  So you will not see millions of people affected, but any compromised site could release a fair amount of data.

Roberts Clark’s financialadvice.net is UNAFFECTED

We do not use the openSSL versions affected.

There has been no security breach for us.

Your personal data held with us is unaffected.

Should I take action anyway? Yes

Some websites and “secure connection” programmes and apps may have been affected, we already know this includes Canada’s Tax Office and a leading UK parenting site with 1m+ users and we expect a few more sites may confirm the same over the coming days.  If you use the same password across a number of websites, one of more may or may not have been affected meaning that your ‘log in’ details may be compromised across a number of sites.    This is not scaremongering as many sites have already taken action but we suggest you also take action to protect information regularly.

The general advice from most online security specialists is to

1.            Do not use the same password across multiple services

2.            Change your passwords regularly

3.            Login to our website and change your password with us