DALLAS (KRLD) — An encryption flaw known as the “Heartbleed” bug is being called one of the biggest security threats the internet has ever seen.
Security departments around the world are working overtime to address the bug, which has has been active for more than two years.
The Heartbleed bug is a vulnerability in the popular OpenSSL software, which allows protected information to be stolen — including passwords.
Some experts have been suggesting that users change every online password out of caution, but is that totally necessary?
Lance Ulanoff, the editor at large at Mashable, tells KRLD that users don’t need to overreact.
“That actually doesn’t make sense. You don’t know that the site has done its work — if it hasn’t update itself or is not clear of this vulnerability. If you change your passwords now and that site still has a problem, those passwords could still be stolen.”