If you’ve gone online in the last 2 years chances are you’ve used a website that’s vulnerable to the Heartbleed bug. “The scale is unprecedented. The security companies have used the word catastrophic” said YTI Career Institute’s Lead Instructor of Computer Science Jeremy Smith. By some estimates roughly two thirds of the internet has been affected.
“It’s not a virus, it’s not something that a hacker created to do harm, it’s actually a mistake that a computer programmer made years ago” said Smith. That mistake was made on software that’s used by the likes of Google and Facebook to make sure their sites are authentic. Smith said it can’t hurt to change your passwords, but that the problem goes deeper. “The onus is really on the website owners to fix this issue it’s their software that has this bug” said Smith.
Casey Sipe is an attorney with Scaringi & Scaringi P.C. based in Harrisburg. He said that if the companies that were impacted don’t fix the problem in a timely manner, they could face the possibility of being sued. Meanwhile banking and government sites said they’re not affected. “All the major tax software companies claim that you’re fine. The IRS does not use the program so they ostensibly are completely fine” said Smith.
The IRS confirmed they aren’t affected and said they are not aware of any security vulnerabilities as a result of the Heartbleed bug.