If you haven’t heard of Heartbleed yet then it might be time to go do some reading. Don’t feel like reading? Let’s summarize, OpenSSL, aka one of the most popular pieces of cryptographic software in use on the internet has a big ol bug in it that can potentially give attackers access to information that would normally be encrypted.
OpenSSL was quick to patch the bug but it’s the deployment that’s going to take some time. There are plenty of sites out there affected by the bug, one particularly notable one is Steam. Now at this point Valve has officially stated that everything should be patched up and good to go and although they don’t seem to believe there have been any breaches it’s worth mentioning that it’s almost impossible to track anyone using the Heartbleed exploit, so a bunch of usernames and passwords could have been leaked out and we just don’t know about it yet.
It seems almost certain that somebody has been messing around with Steam as a number of users noticed that Call of Duty: Black Ops II and South Park: The Stick Of Truth, were recently renamed on the service:
So if you didn’t already, it would probably be very wise of you to open up a new tab right now and go change your Steam password. In fact, this issue is so widespread, and so impossible to track you might want to spend the day resetting a number of passwords. Mashable posted a great list of services who were affected by the bug.
