Meghan Hurley reports: The social insurance numbers of 900 Canadians were swiped from the Canada Revenue Agency website after its Internet software was compromised by the so-called Heartbleed computer bug. Andrew Treusch, the commissioner of the Canada Revenue Agency, said in a statement the CRA has worked around the clock to implement a “patch” for…
Category: Of Note
Obama Lets N.S.A. Exploit Some Internet Flaws, Officials Say
David E. Sanger reports: Stepping into a heated debate within the nation’s intelligence agencies, President Obama has decided that when the National Security Agency discovers major flaws in Internet security, it should — in most circumstances — reveal them to assure that they will be fixed, rather than keep mum so that the flaws can…
Message from CloudFare concerning Heartbleed (updated)
Email I received from CloudFare this morning: You’re protected from the Heartbleed vulnerability because you have CloudFlare turned on for your website. We fixed the flaw on March 31 for all CloudFlare customers, a week before it was publicly announced. Heartbleed (CVE-2014-0160, http://www.openssl.org/) is a flaw in OpenSSL, encryption software used by the vast majority…
Pointing fingers, Thursday edition – U.S. Info Search tells its side
On April 8, this blog published a post concerning the Court Ventures breach that questioned whether Experian was getting a bad rap for a breach that started with Court Ventures and its reciprocal data sharing agreement with U.S. Info Search. Unbeknownst to DataBreaches.net at the time, U.S. Info Search had issued a press release the…
Before you panic and change all your passwords because you’ve read dire warnings on Heartbleed….
For my non-techy, non-security professional readers: Before you panic and race around to change all your passwords because you’ve heard how serious the Heartbleed bug is as a threat to your privacy and data security, read this piece by Graham Cluley. There’s been a lot of bad advice out there, and as he notes, changing…
Critical crypto bug, Heartbleed, exposes Yahoo Mail, other passwords Russian roulette-style
Kudos to Dan Goodin for trying to help the public understand the significance of Heartbleed: Lest readers think “catastrophic” is too exaggerated a description for the critical defect affecting an estimated two-thirds of the Internet’s Web servers, consider this: at the moment this article was being prepared, the so-called Heartbleed bug was exposing end-user passwords, the…