….
British
parenting website Mumsnet is the latest organization to have been
hacked due to the “Heartbleed” bug, founder Justine Roberts revealed on
Monday.
“Last week we became aware of the Heartbleed bug and
immediately applied a fix to close the OpenSSL security hole,” she said
in a statement.
“However, it became apparent that users’ data submitted via our login page had been accessed prior to our applying this fix.”
All 1.5 million registered users were asked to change their passwords,
and Roberts did not know how many users had had data stolen. “The worst case scenario is that the data of every Mumsnet user account was accessed,” she said.
“It is possible that this information could then have been used to log
in as you and give access to your posting history, your personal
messages and your personal profile, although we should say that we have
seen no evidence of anyone’s account being used for anything other than
to flag up the security breach.”
The website offers users a forum in which parents can ask for, and pass on, advice about bringing up children.
Officials in Ottawa on Monday announced personal data for as many as
900 Canadian taxpayers had been stolen after being made vulnerable by
the bug.
The recently-discovered flaw in online-data scrambling
software OpenSSL allows hackers to eavesdrop on online communications,
steal data, impersonate websites and unlock encrypted data.
Computer security specialists, website masters and others became aware
last week of problems posed by the “Heartbleed” bug after several
reports of hacking.
….
regards