The Latest in IT Security

Heartbleed Hits 1.5 Million Users of UK Parenting Website

15
Apr
2014

LONDON – British parenting website Mumsnet is the latest organization to have been hacked due to the “Heartbleed” bug, founder Justine Roberts revealed on Monday.

“Last week we became aware of the Heartbleed bug and immediately applied a fix to close the OpenSSL security hole,” she said in a statement.

“However, it became apparent that users’ data submitted via our login page had been accessed prior to our applying this fix.”

All 1.5 million registered users were asked to change their passwords, and Roberts did not know how many users had had data stolen.

“The worst case scenario is that the data of every Mumsnet user account was accessed,” she said.

“It is possible that this information could then have been used to log in as you and give access to your posting history, your personal messages and your personal profile, although we should say that we have seen no evidence of anyone’s account being used for anything other than to flag up the security breach.”

The website offers users a forum in which parents can ask for, and pass on, advice about bringing up children.

Officials in Ottawa on Monday announced personal data for as many as 900 Canadian taxpayers had been stolen after being made vulnerable by the bug.

The recently-discovered flaw in online-data scrambling software OpenSSL allows hackers to eavesdrop on online communications, steal data, impersonate websites and unlock encrypted data.

Computer security specialists, website masters and others became aware last week of problems posed by the “Heartbleed” bug after several reports of hacking.

Related:Heartbleed Exposes Web Server’s Private SSL Keys

Related:Why The Heartbleed Vulnerability Matters and What To Do About It

Additional Resources:

•Is Your Enterprise Managing Certificates? Three Reasons It Should Be.

•Forrester Attacks On Trust Report

•Heartbleed Bug Advisory Whitepaper from Accuvant Labs(PDF)

Tweet

© AFP 2013Previous Columns by AFP:Heartbleed Hits 1.5 Million Users of UK Parenting WebsiteCanadians Tax Data Stolen in Heartbleed BreachGerman Space Research Center Under Espionage Attack: ReportNSA Denies Exploiting Heartbleed VulnerabilityCourt Reverses Conviction of Security Researcher

sponsored links

Tags: NEWS INDUSTRY

Vulnerabilities

Comments are closed.

Categories

FRIDAY, MARCH 29, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments