Though many people were surely alarmed once the existence of the Heartbleed OpenSSL flaw was announced, according to a study conducted by the Pew Research Center, most Internet users didn’t take any steps to protect themselves from the threat.
In total, the study found that 39 percent of Internet users changed passwords or canceled accounts once they learned of Heartbleed. Despite the fact that the version of OpenSSL that was vulnerable to Heartbleed was used by countless websites and networking hardware all over the world, Pew also found that only 29 percent of Internet users thought that their personal information was at risk due to the Heartbleed bug, while only 6 percent thought that their personal data was swiped as a result of the vulnerability.
That’s despite the fact that, according to Pew, 64 percent of Internet users were aware of the threat. However, only 19 percent indicated that they heard “a lot” about it. Meanwhile, 41 percent, only knew “a little” about Heartbleed. It’s possible that the lack of the public’s knowledge on the topic contributed to the fact that most of the people surveyed didn’t take any actions to safeguard themselves.
The Heartbleed OpenSSL bug allows hackers to send fake heartbeat messages, which can trick a website’s server into relaying data that’s stored in its memory. This includes sensitive information such as usernames, passwords, credit card numbers, emails, and more.
Internet security experts have expressed much concern regarding the impact that Heartbleed could have. Mike Lloyd, the CTO of RedSeal, a network security firm, said that people should “stop all transactions for a few days” once news of Heartbleed broke. Canada Revenue Agency took very serious measures in its efforts to defend against the threat, shuting down its website on April 8, and didn’t bring it back online until April 13.
- Nearly 75 percent of U.S. users don’t realize Facebook tracks their interests
- 47 percent of American adults were hacked in the last year
- Facebook, Microsoft, Google, and peers pledge support for OpenSSL
- Two Apple AirPort base stations were vulnerable to Heartbleed, but have been patched
- Some sites have plugged Heartbleed, but thousands haven’t, says security firm