It keeps happening. A newly discovered software bug–this one going by the ominous name Heartbleed–allows hackers to bypass the encryption technology used on many websites to access passwords, credit-card numbers and other sensitive data. By one estimate, as much as 66% of the web is affected, including Yahoo and the popular dating site OkCupid.
Companies are scrambling to close off the security flaw in the widely used encryption technology, called OpenSSL, but since the coding error went unnoticed for two years, there’s no telling how much information hackers have stolen. Users are advised to change their passwords–but only after confirming that an affected website is no longer susceptible.
Heartbleed is the latest and farthest-reaching cybersecurity scare in a spate of them affecting everything from cell phones to brick-and-mortar stores like Target. Experts say data will get only more difficult to secure. “There are no secrets on the Internet,” says Ari Takanen, founder of Codenomicon, the security firm that discovered Heartbleed. “Something bad can always happen.”
–VICTOR LUCKERSON
More Must-Reads From TIME
- The 100 Most Influential People of 2024
- Coco Gauff Is Playing for Herself Now
- Scenes From Pro-Palestinian Encampments Across U.S. Universities
- 6 Compliments That Land Every Time
- If You're Dating Right Now , You're Brave: Column
- The AI That Could Heal a Divided Internet
- Fallout Is a Brilliant Model for the Future of Video Game Adaptations
- Want Weekly Recs on What to Watch, Read, and More? Sign Up for Worth Your Time
Contact us at letters@time.com