{"id":10639,"date":"2014-04-14T14:42:09","date_gmt":"2014-04-14T22:42:09","guid":{"rendered":"https:\/\/www.spokeo.com\/compass\/?p=10639"},"modified":"2022-04-13T12:17:39","modified_gmt":"2022-04-13T20:17:39","slug":"security-alert-heartbleed-safety-tips","status":"publish","type":"post","link":"https:\/\/www.spokeo.com\/compass\/security-alert-heartbleed-safety-tips\/","title":{"rendered":"Security Alert: Heartbleed Safety Tips"},"content":{"rendered":"

\"heartbleed\"<\/a><\/p>\n

The recent Heartbleed bug<\/a> has caused quite a stir, and with good reason.\u00a0 One of the basic foundations of secure Internet use over the last two decades has been the ability to send and receive sensitive data by using encryption in the form of the \u201cSecure Sockets Layer\u201d, or SSL<\/a>, which is the HTTPS:\\\\ that many of us are familiar with.<\/p>\n

The recent bug disclosure has revealed that certain versions of this protocol (specifically OpenSSL 1.0.1) have had a bug since December 31, 2011 and active exploits, which allowed attackers to view the memory of affected systems, including the decrypted usernames and passwords of users, have existed since at least March 2014, if not before. The implications to Internet users everywhere are huge and it will take some time to determine the scope of what has happened.<\/p>\n

Though there is no evidence of a breach within the Spokeo system, in the short term, Spokeo\u2019s dedicated information security team addressed the issue immediately and we have also implemented increased security controls to mitigate this attack.\u00a0 Most of the high-traffic and sensitive sites on the Internet have done the same.<\/p>\n

Because the vulnerability puts almost everyone at risk, below are some tips from Spokeo\u2019s Information Security Manager detailing what you can do to ensure that your exposure to adverse incidents on the Internet is limited.\u00a0 Many of these suggestions are not directly related to the Heartbleed bug but are considered best practices to ensure protection of your online information as you go about your normal daily business:<\/p>\n

– CHANGE YOUR PASSWORDS!<\/strong> But first make sure that the sites on which you are changing them have updated their systems and SSL certificates[1]<\/a><\/p>\n

– Ensure password complexity<\/strong>. Your chosen words should have at least eight characters minimum, (12+ recommended), and a mixture of numbers, letters, symbols.<\/p>\n

– Use a password manager<\/strong> (Keepass, Lastpass) to control your passwords and generate strong, random passwords, which are different for each site.<\/p>\n

– Use 2-step (aka two-factor) authentication<\/strong>, where offered, for every site where sensitive or personal data is used.\u00a0 \u201cGoogle Authenticator\u201d is an example of this, allowing you to turn on SMS code verification whenever someone attempts to log in to your accounts.<\/p>\n

– Do not share your password with others or repeat it across different sites.<\/strong><\/p>\n

– Use trusted devices and networks when logging into any site that you consider sensitive.<\/strong>\u00a0 This includes email and shopping sites that store your credit card data!<\/p>\n

– Ensure you\u2019ve installed an appropriate anti-malware program and enabled both real-time protection and regular scanning on your personal devices.\u00a0<\/strong><\/p>\n

– Make sure your operating system and anti-malware products are kept patched and up-to-date<\/strong>.<\/p>\n

Run your computer as a normal user, not as an administrator<\/strong> (i.e. elevate your privileges only when you need to install a program, etc).<\/p>\n

– Be suspicious<\/strong> of: 1.\u00a0links within email, especially from untrusted sources, 2.\u00a0requests from your bank or other vendors for personal information when initiated from their end, 3.\u00a0USB keys and other devices, especially if they are not new or discovered (at a conference, on the ground, etc), 4.\u00a0Less-travelled or smaller-company websites (such as torrent sites, etc) which might not make security a high priority<\/p>\n

 <\/p>\n

For more information on protecting yourself online, see the United States Computer Emergency Readiness Team\u2019s (US-CERT) website at: https:\/\/www.us-cert.gov\/ncas\/tips<\/a>.\u00a0I’ve also provided some additional information regarding certificate checking here<\/a>.<\/p>\n

– Lou<\/p>\n


<\/p>\n
\n
\n
[1]<\/a> Check the SSL certificate issue date; it should be April 9th<\/sup>, 2014 or later, although this is not a sure sign that the site was insecure if they were not running OpenSSL v1.0.1.\u00a0\u00a0<\/address>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

The recent Heartbleed bug has caused quite a stir, and with good reason.\u00a0 One of the basic foundations of secure Internet use over the last two decades has been the…<\/p>\n","protected":false},"author":33,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[614],"tags":[],"class_list":["post-10639","post","type-post","status-publish","format-standard","hentry","category-safety"],"yoast_head":"\nSecurity Alert: Heartbleed Safety Tips - The Compass Blog | Digital Identity and People Search | Spokeo<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.spokeo.com\/compass\/security-alert-heartbleed-safety-tips\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Security Alert: Heartbleed Safety Tips - The Compass Blog | Digital Identity and People Search | Spokeo\" \/>\n<meta property=\"og:description\" content=\"The recent Heartbleed bug has caused quite a stir, and with good reason.\u00a0 One of the basic foundations of secure Internet use over the last two decades has been the…\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.spokeo.com\/compass\/security-alert-heartbleed-safety-tips\/\" \/>\n<meta property=\"og:site_name\" content=\"The Compass Blog | Digital Identity and People Search | Spokeo\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Spokeo\/\" \/>\n<meta property=\"article:published_time\" content=\"2014-04-14T22:42:09+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-04-13T20:17:39+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.spokeo.com\/compass\/wp-content\/uploads\/2014\/04\/heartbleed-247x300.png\" \/>\n<meta name=\"author\" content=\"Spokeo\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Spokeo\" \/>\n<meta name=\"twitter:site\" content=\"@Spokeo\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Spokeo\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.spokeo.com\/compass\/security-alert-heartbleed-safety-tips\/\",\"url\":\"https:\/\/www.spokeo.com\/compass\/security-alert-heartbleed-safety-tips\/\",\"name\":\"Security Alert: Heartbleed Safety Tips - The Compass Blog | Digital Identity and People Search | Spokeo\",\"isPartOf\":{\"@id\":\"https:\/\/www.spokeo.com\/compass\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.spokeo.com\/compass\/security-alert-heartbleed-safety-tips\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.spokeo.com\/compass\/security-alert-heartbleed-safety-tips\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.spokeo.com\/compass\/wp-content\/uploads\/2014\/04\/heartbleed-247x300.png\",\"datePublished\":\"2014-04-14T22:42:09+00:00\",\"dateModified\":\"2022-04-13T20:17:39+00:00\",\"author\":{\"@id\":\"https:\/\/www.spokeo.com\/compass\/#\/schema\/person\/d064cf67e95f6058dbec1c4eebc53c44\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.spokeo.com\/compass\/security-alert-heartbleed-safety-tips\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.spokeo.com\/compass\/security-alert-heartbleed-safety-tips\/#primaryimage\",\"url\":\"https:\/\/www.spokeo.com\/compass\/wp-content\/uploads\/2014\/04\/heartbleed-247x300.png\",\"contentUrl\":\"https:\/\/www.spokeo.com\/compass\/wp-content\/uploads\/2014\/04\/heartbleed-247x300.png\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.spokeo.com\/compass\/#website\",\"url\":\"https:\/\/www.spokeo.com\/compass\/\",\"name\":\"The Compass Blog | Digital Identity and People Search | Spokeo\",\"description\":\"The official Spokeo blog covers topics such as digital identity, consumer protection and privacy, how to avoid scams and catfishing, and more.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.spokeo.com\/compass\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.spokeo.com\/compass\/#\/schema\/person\/d064cf67e95f6058dbec1c4eebc53c44\",\"name\":\"Spokeo\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.spokeo.com\/compass\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/7e492b2d60c7cf3c148525c45191c0bb108881d6c2d3a2413959adb9829b993f?s=96&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/7e492b2d60c7cf3c148525c45191c0bb108881d6c2d3a2413959adb9829b993f?s=96&r=g\",\"caption\":\"Spokeo\"},\"url\":\"https:\/\/www.spokeo.com\/compass\/author\/spokeo\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Security Alert: Heartbleed Safety Tips - The Compass Blog | Digital Identity and People Search | Spokeo","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.spokeo.com\/compass\/security-alert-heartbleed-safety-tips\/","og_locale":"en_US","og_type":"article","og_title":"Security Alert: Heartbleed Safety Tips - The Compass Blog | Digital Identity and People Search | Spokeo","og_description":"The recent Heartbleed bug has caused quite a stir, and with good reason.\u00a0 One of the basic foundations of secure Internet use over the last two decades has been the…","og_url":"https:\/\/www.spokeo.com\/compass\/security-alert-heartbleed-safety-tips\/","og_site_name":"The Compass Blog | Digital Identity and People Search | Spokeo","article_publisher":"https:\/\/www.facebook.com\/Spokeo\/","article_published_time":"2014-04-14T22:42:09+00:00","article_modified_time":"2022-04-13T20:17:39+00:00","og_image":[{"url":"https:\/\/www.spokeo.com\/compass\/wp-content\/uploads\/2014\/04\/heartbleed-247x300.png","type":"","width":"","height":""}],"author":"Spokeo","twitter_card":"summary_large_image","twitter_creator":"@Spokeo","twitter_site":"@Spokeo","twitter_misc":{"Written by":"Spokeo","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.spokeo.com\/compass\/security-alert-heartbleed-safety-tips\/","url":"https:\/\/www.spokeo.com\/compass\/security-alert-heartbleed-safety-tips\/","name":"Security Alert: Heartbleed Safety Tips - The Compass Blog | Digital Identity and People Search | Spokeo","isPartOf":{"@id":"https:\/\/www.spokeo.com\/compass\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.spokeo.com\/compass\/security-alert-heartbleed-safety-tips\/#primaryimage"},"image":{"@id":"https:\/\/www.spokeo.com\/compass\/security-alert-heartbleed-safety-tips\/#primaryimage"},"thumbnailUrl":"https:\/\/www.spokeo.com\/compass\/wp-content\/uploads\/2014\/04\/heartbleed-247x300.png","datePublished":"2014-04-14T22:42:09+00:00","dateModified":"2022-04-13T20:17:39+00:00","author":{"@id":"https:\/\/www.spokeo.com\/compass\/#\/schema\/person\/d064cf67e95f6058dbec1c4eebc53c44"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.spokeo.com\/compass\/security-alert-heartbleed-safety-tips\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.spokeo.com\/compass\/security-alert-heartbleed-safety-tips\/#primaryimage","url":"https:\/\/www.spokeo.com\/compass\/wp-content\/uploads\/2014\/04\/heartbleed-247x300.png","contentUrl":"https:\/\/www.spokeo.com\/compass\/wp-content\/uploads\/2014\/04\/heartbleed-247x300.png"},{"@type":"WebSite","@id":"https:\/\/www.spokeo.com\/compass\/#website","url":"https:\/\/www.spokeo.com\/compass\/","name":"The Compass Blog | Digital Identity and People Search | Spokeo","description":"The official Spokeo blog covers topics such as digital identity, consumer protection and privacy, how to avoid scams and catfishing, and more.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.spokeo.com\/compass\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.spokeo.com\/compass\/#\/schema\/person\/d064cf67e95f6058dbec1c4eebc53c44","name":"Spokeo","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.spokeo.com\/compass\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/7e492b2d60c7cf3c148525c45191c0bb108881d6c2d3a2413959adb9829b993f?s=96&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7e492b2d60c7cf3c148525c45191c0bb108881d6c2d3a2413959adb9829b993f?s=96&r=g","caption":"Spokeo"},"url":"https:\/\/www.spokeo.com\/compass\/author\/spokeo\/"}]}},"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p8V62u-2LB","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/posts\/10639","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/users\/33"}],"replies":[{"embeddable":true,"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/comments?post=10639"}],"version-history":[{"count":1,"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/posts\/10639\/revisions"}],"predecessor-version":[{"id":13069,"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/posts\/10639\/revisions\/13069"}],"wp:attachment":[{"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/media?parent=10639"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/categories?post=10639"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/tags?post=10639"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}