Applications such as web, email, instant messaging, and some virtual private networks may or may not have been comprised, so it is suggested that user data to the following be updated as a precaution.
You should get into the habit of changing your passwords from time to time anyway. So, if you haven’t done so already, now would probably be a good time to take care of that.
- Amazon Web Services
Videos, Photos, Games, Entertainment
It is common for meeting professionals to integrate third-party services into their event management systems to manage things like payment and travel. If you have one of these Third Party Integrations, you will need to contact that organization to determine if they have discovered or corrected this flaw.
- Payment Gateways – If you are collecting Credit Cards, you are using a Payment Gateway.
- GDS Partners – If you are using a Travel Management System, you have a GDS.
- Travel Booking Tools – If your registration forms automatically proceed to the ticketing options for travel, you are using a Travel Booking Tool.
- Custom Integrations – If you have any other connected services, you have a Custom Integration.
If there is an issue with their systems, you will need to follow with their recommendations to proceed. It is likely they will instruct you to change your Login/Password to access their services.
If you think you may have entrusted a vulnerable site with your information, I would suggest using a security checking tool like the ones below:
We also know that the bug targeted major sites like Amazon, Google, and Yahoo who use those encryption tools, but they have since updated their sites to fix the bug. There are many, however, who have not updated their sites and will continue to experience vulnerabilities until all encryption keys are purged.
Another precaution I suggest taking at this time is to log yourself out of ALL websites: social, banking, news, email…everything.
For more on the Heartbleed Bug, please visit: http://heartbleed.com/