HUNTSVILLE, AL (WAFF) - The Heartbleed Bug is probably one, if not the largest, security flaw on the internet. As many as 500,000 websites have been hacked thus far.
Heartbleed can be used to access user data and so, you are being warned to take action now and change your passwords for sites that have been affected. However, it doesn't do any good for you to change your passwords if the site doesn't take action too.
If you shop, do business, send email or instant messages online, you could have been hacked and not even know it.
"This really impacts the encryption software on servers, so you aren't going to know if you have been on a site with some type of vulnerability," said Michele Mason of the Better Business Bureau.
Only businesses that use Open-SSL technology have been vulnerable, so these hackers are essentially targeting online business pages in an effort to gather personal information on customers.
"If you have gone on there and provided information, they are telling us this could impact messages, instant messaging, things that you are doing online," said Mason. "It could be capturing data that you give about yourself."
There are measures businesses can take to make sure they are not vulnerable, and there are things you can do to protect your information.
"Go ahead and change your passwords," said Mason. "Make them as difficult to crack as you can. Mix in numbers and letters and symbols."
It is also suggested that you don't use the same passwords for different accounts. Secure your account – many providers offer additional ways for you to verify your identity before you can conduct business on their site.
Also make sure you own your online presence – when available, set the privacy and security settings to the level you are comfortable with when sharing information.
CNET has published a growing list of websites as it checks for vulnerability. Check it often to see if a site you frequent has been afflicted with Heartbleed and if those vulnerabilities have been fixed.