REPORT: NSA Has Been Using The 'Heartbleed Bug' For Years


If you needed further motivation to change your passwords, it turns out that the NSA has been utilizing the giant security vulnerability known as the "Heartbleed bug" to gather information about Internet users, Bloomberg reports.


The bug, which takes advantage of an unnoticed programming error in a widely used encryption standard to trick web servers into giving up valuable user data, has affected nearly everyone on the Internet.

As we explained on Tuesday, as many as 66% of websites use the software containing the flaw, including major services like Facebook, Yahoo, and Gmail.

Complimentary Tech Event
Transform talent with learning that works
Capability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More

That makes it an extremely useful tool for the NSA's data collection efforts, though its use throws into question the NSA's intentions and efficacy. After all, it's difficult, maybe even impossible, to determine which puts American cybersecurity at greater risk: leaving American citizens' data vulnerable for two years to a method that doesn't leave a trace, or the threats that the NSA is fighting against using the bug itself.

(This story is developing...)