The “Heartbleed” bug is a weakness in the OpenSSL encryption that left personal information open to hackers. It affected websites and customers worldwide. Many sites were created to help users detect the presence of the vulnerability in servers. A security consultancy has found that a number of these are untested and carry bugs of their own, causing them to falsely report a system is safe when it is not. When relying on this false information users have unsafely accessed sites and jeopardised their information.
When investigating sites affected by “Heartbleed”, it is best to use reputable sources to ensure the information given is reliable. For a list of affected websites, see the list.
