A major online security vulnerability labeled “Heartbleed” could put your personal and business information at risk, including passwords, credit card information and e-mails.

Heartbleed is a flaw been detected in certain version of OpenSSL. OpenSSL is an open-source encryption technology used by the majority of organizations for the purpose of encrypting their websites. The vulnerability enables cybercriminals to exploit usernames and passwords, as well as private encryption keys.

The vulnerability is present in sites using OpenSSL versions 1.0.1 through 1.0.1f.  To protect your users’ data and encryption keys, an upgrade patch is available, which can be completed by your security device vendor.

For more information on this Internet security flaw, visit Heartbleed.com or RFC6520 from Carnegie Mellon University’s CERT.

Contact Doeren Mayhew’s IT security advisors in  Michigan, Houston or Ft. Lauderdale if you have additional question about this threat to your organization’s information systems’ security.