A security flaw in the internet could have potentially exposed the personal and financial information of millions of people world-wide and one Dubbo technology specialist is stunned by the level of apathy.
Subscribe now for unlimited access.
$0/
(min cost $0)
or signup to continue reading
Bosweb Systems director Brendan O'Sullivan said Heartbleed affected up to 66 per cent of servers worldwide, including those of social networks, financial institutions and government organisations. It meant personal information could have been accessed by hackers across a two-year period without leaving a trace.
There is no way of knowing if any data has been exposed and no way of knowing what the ramifications will be in the future.
"Anyone who was collecting data through hacking could have gathered enough data to get usernames, passwords and financial details of people," Mr O'Sullivan said.
"It has already happened so there isn't much people can do other than to change all their passwords and update their browser setting but who knows who has been collecting data.
"I'm really surprised that there hasn't been more coverage about this because this is probably the largest security breach on the internet."
The problem, which stemmed from a flaw in software known as OpenSSL, allowed information that should have been encrypted to be accessed. It was detected earlier this month and has now been fixed, but the vulnerability has been present since March 2012.
Anyone who has accounts with Google, Gmail, Facebook, Amazon, Youtube or thousands of other internet websites may have been affected.
Mr O'Sullivan is also advising people to visit www.heartbleed.com to get the facts on the bug and what else they can do to protect themselves.
Charles Sturt University IT security expert Dr Tanveer Zia is concerned Australian banks may have also been compromised.
Software security company Lastpass has introduced a Heartbleed checker to check whether sites are impacted by the bug, and Dr Zia said the results were worrying.
"To my concern, when I tested websites of major Australian banks the results showed their servers had used OpenSSL and could have been vulnerable to the Heartbleed bug," he said.
"I am sure that result would worry many ordinary users about the security of their financial information.
"Although the primary responsibility to protect the information of customers lies with the online businesses and service providers, it is equally the responsibility of users to be vigilant and aware of who is accessing their data and the purposes for which it is being used."
