Both the National Security Agency and White House issued statements denying prior knowledge of online security bug Heartbleed, following a Bloomberg report on Friday claiming otherwise.
"(The) NSA was not aware of the recently identified vulnerability in OpenSSL, the so-called Heartbleed vulnerability, until it was made public in a private-sector cyber security report," Vanee Vines, an NSA spokeswoman, wrote in an email.
That statement contradicts two anonymous sources, who told Bloomberg that the NSA not only knew about Heartbleed for at least the last two years, but that it had been exploiting the security breach to gather intelligence. Researchers discovered the bug last week, causing a panic as servers and websites scrambled to secure information.
Aligning with the NSA, White House national security spokeswoman Caitlin Hayden also issued a statement denying early U.S. government intelligence on the bug, calling reports to the contrary "wrong."
"This administration takes seriously its responsibility to help maintain an open, interoperable, secure and reliable internet," Hayden said. "If the federal government, including the intelligence community, had discovered this vulnerability prior to last week, it would have been disclosed to the community responsible for OpenSSL."