The Heartbleed bug is a real threat. Here's what you should do.

The Heartbleed bug is a real threat. Here's what you should do.

Starting Monday, the internet-connected world was introduced to a new bug, colorfully named Heartbleed, that has exposed about two-thirds of web servers — and probably about a quarter of all sites — to potential pilfering of sensitive, supposedly encrypted information: passwords, credit card numbers, etc. Google engineers discovered the bug last week in the OpenSSL encryption software, then quietly notified OpenSSL, which started secretly helping companies patch the bug before going public amid fears that hackers had discovered the hole, too.

How big of a deal is Heartbleed? "It's easily the worst vulnerability since mass-adoption of the internet," Matthew Prince, CEO of cybersecurity firm CloudFlare Inc., tells The Wall Street Journal. "It's going to be really bad."

Subscribe to The Week

Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.

SUBSCRIBE & SAVE
https://cdn.mos.cms.futurecdn.net/flexiimages/jacafc5zvs1692883516.jpg

Sign up for The Week's Free Newsletters

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

Sign up
Explore More
Peter Weber, The Week US

Peter has worked as a news and culture writer and editor at The Week since the site's launch in 2008. He covers politics, world affairs, religion and cultural currents. His journalism career began as a copy editor at a financial newswire and has included editorial positions at The New York Times Magazine, Facts on File, and Oregon State University.