It now appears that the "Heartbleed" security problem affects not just websites, but also the networking equipment that connects homes and businesses to the Internet. Mashable has created a list of websites to show which ones have been affected and which passwords users should change, along with a comment from the website.
A defect in the security technology used by many websites and equipment makers have put millions of passwords, credit card numbers and other personal information at risk, according to Mashable.
The extent of the damage caused by Heartbleed isn't known because the threat went undetected for more than two years, and it's difficult to tell if any attacks resulted from it because they don't leave behind distinct footprints, Mashable reported. Now that the threat is public, there's a good chance hackers will try to exploit it before fixes are in place.
Two of the biggest makers of networking equipment, Cisco and Juniper, have acknowledged that some of their products contain the bug, but experts warn that the problem may extend to other companies as well as a range of Internet-connected devices such as Blu-ray players, according to Mashable.
Other software used to run some networking equipment, like routers, switches and firewalls, also use the variant of SSL/TLS known as OpenSSL, where the Heart Bleed virus lives. OpenSSL is the set of tools that has the Heartbleed vulnerability, Mashable reported.
As with a website, hackers could potentially use the bug as a way to breach a system and gather and steal passwords and other sensitive information, according to Mashable.
Mashable reported that some Internet companies that were vulnerable to the bug have already updated their servers with a security patch to fix the issues and some of the companies advising customers to change their passwords are doing so as a precautionary measure.
