PHOENIX - The Department of Homeland Security issued an alert Friday, putting out a statement regarding the Heartbleed bug that was discovered by cyber security experts earlier this week.
The bug has the potential to wreak havoc on websites that use Open SSL systems as its framework, undermining the encryption process that typically protects your personal information.
Jim Bundy, who works as the Manager of Information Security for ABC15 parent company Scripps, says it’s important to attack the problem before a hacker does it to you.
“They can get your credentials if they catch it at the right time,” Bundy said. “And I know it sounds far-fetched, they have to be there at the very right moment, but they can run the script over and over and over and pull the data out of these systems.”
Major web sites such as Google, Yahoo, YouTube, Amazon, and TurboTax reported effects from the bug and have since fixed the problem, now suggesting users should change their passwords.
Most major U.S. banks reported no effects from the bug, including Bank of America, Chase, and Wells Fargo to name a few.
And amidst all the hoopla regarding the bug, Bundy reminds people to be aware of potential scammers sending emails regarding password changes.
"Go to the website. Most reputable companies are not going to send you a link and email to change your password,” he said. “Worst case scenario, call their customer service and ask what's going on.”
To date, the Department of Homeland Security has reported zero attacks as a result of the bug.
Bundy suggests making sure any affected website is fixed before changing your password.