by Daniel J. Solove
It sounds like a late April Fool’s joke, but it isn’t. Heartbleed, a data security bug in Open SSL, allows hackers to access personal data and encryption keys. This vulnerability has existed for 2+ years, and there is no way to know if your data has been compromised. And the majority of websites that encrypt use OpenSSL, such as the most popular banking and retail sites. This is a security flaw of titanic proportions. According to CNN: “Researchers discovered the issue last week and published their findings on Monday, but said the problem has been present for more than two years, since March 2012. Any communications that took place over SSL in the past two years could have been subject to malicious eavesdropping.”