Updated: 04/09/2014 11:47 PM
Created: 04/09/2014 11:07 PM WDIO.com
A huge gap in the security software used by some of the biggest Internet companies has been found. It has been dubbed the 'Heartbleed' bug, and because of it, the private information of millions was sitting exposed.
You may recognize the little padlock in the top left corner of some websites you visit. It is supposed to designate the site as secure, but for the last two years that has not been case.
"The people that wrote this software for this part of that network communication forgot to check a part of that message," Pete Willemsen explained, an associate professor in UMD's computer science department.
Think of it like this: when your computer connects to a server it sends out a ping known as a heartbeat to check for a secure connection. But with this hole in the code, a hacker could send out a secret heartbeat and retrieve any information that is still in memory — that is where the name "Heartbleed" comes from.
"So, that could include your user names and your passwords," said Mark Lanterman, CEO of computer analysis company Computer Forensic Services. "In our testing it returned my VPN credentials. This is very, very serious."
Experts are advising people to consider changing all their online passwords.
But changing passwords will not do any good until the services install the recently-released software to fix the problem.
"This vulnerability, or bug, is really unfortunate in the sense that it sits with software on the servers... on the machines that you typically would connect to," said Prof. Willemsen. "They are responsible for updating that software."
Lanterman adds that "Amazon, your banks, any server, 66 percent of the web servers on the Internet are vulnerable to this attack."
Cyber security firm LastPass has created a search engine to determine if a website you use may have been affected. Find it by clicking here.
Smith on Steelworker Layoffs: We are Here to Help
One of Minnesota's top leaders said that they are ready to help the affected workers, who are expecting to be laid off this summer from U.S. Steel.
Four People Rescued From Icy Lake After Trying to Save One Another
Four people were rescued from an icy Spider Lake in Iron River Tuesday night. Deputies say the people went into the water trying to save one another. All four were treated for hypothermia.
Man Pleads Guilty to Killing Mom's Boyfriend in Babbitt
St. Louis County Attorney Mark Rubin says 26-year-old Shawn Doherty pleaded guilty Wednesday to intentional second-degree murder. Doherty admitted that he killed 55-year-old Paul Bulen of Mahtomedi at the home of Doherty's mother in Babbitt on Jan. 13, 2014.
Iron Junction Man Charged with Producing Child Pornography
An Iron Junction man was charged in U.S. District Court on Wednesday with producing child pornography. Sean Penoncello, 41, allegedly took nude pictures of a 7-year-old sometime in September 2012 at his home in rural Cherry.
Northland Job Fair Brings Aisles of Opportunity for 6th Year
The 6th annual Northland Job Fair gave hope to some of the 5.9 percent of Northeastern Minnesotans out of work Wednesday.