Canadian tax authority and Mumsnet announced that they have had data stolen. Heartbleed security vulnerability opened door to hackers who compromised user data on numerous websites.
Don't forget to like us on FACEBOOK, thanks so much!
It was just a matter of time when we would start seeing news on hackers who exploited Heartbleed bug. Mumsnet, a leading UK site for parents, with more than 1.5 million registered users said that it believed that hackers retrieved passwords and personal messages before the company patched the infamous bug. While it might not be a huge issue, it is advisable to change password on Mumsnet.
Justine Roberts, the founder of Mumsnet told to BBC that they were aware of security risk when someone used her own login to post a message online. Afterwards, hackers have contacted the company and confirmed that they were able to gain access to her account due to Heartbleed bug.
"On Friday 11 April, it became apparent that what is widely known as the Heartbleed bug had been used to access data from Mumsnet users' accounts," the Mumsnet added in an email to its members.
"We have no way of knowing which Mumsnetters were affected by this.
"The worst case scenario is that the data of every Mumsnet user account was accessed.
"It is possible that this information could then have been used to log in as you and give access to your posting history, your personal messages and your personal profile, although we should say that we have seen no evidence of anyone's account being used for anything other than to flag up the security breach, thus far."
The bigger issue have risen when the Canada revenue Agency announced that 900 people’s social insurance numbers had been stolen and compromised by cyber criminals. There will be more companies and websites, though these are the first confirmed cases.
Canada’s tax agency took its services offline when Heartbleed bug was revealed. Although seems their action have come bit too late.
"Regrettably, the CRA has been notified by the Government of Canada's lead security agencies of a malicious breach of taxpayer data that occurred over a six-hour period," the agency said on a message posted to its homepage.
"Based on our analysis to date, social insurance numbers (Sin) of approximately 900 taxpayers were removed from CRA systems by someone exploiting the Heartbleed vulnerability."
"We are currently going through the painstaking process of analysing other fragments of data, some that may relate to businesses, that were also removed."
Heartbleed security flaw has been announced last week, though developers confirmed it has been around since New Year’s Eve 2011. It is highly recommended to change passwords on any Internet site you might have an account with.
Dolores is SEO and Digital Marketing consultant who has been completely hog-washed into doing this site by KC.