(The Hosting News) – A security flaw has been discovered in an encryption tool used across most of the Internet, leaving many of the world’s biggest websites vulnerable to attacks and data theft.
Researchers with Google and security firm Codenomicon discovered the “Heartbleed” bug in the OpenSSL software, a free encryption tool used by two-thirds of Internet servers, CNN reports.
This issue was discovered last week but was not made public until Monday, where the researchers said this issue has been a concern since March 2012.
“Heartbleed is the result of a small coding error but it could have far-reaching consequences and affect the majority of Internet users,” says CNN.
The vulnerability could allow hackers to easily access sensitive information like passwords, Social Security numbers, healthcare data, bank information, and credit cards.
“It’s a serious bug in that it doesn’t leave any trace. Bad guys can access the memory on a machine and take encryption keys, usernames, passwords, valuable intellectual property, and there’s no trace they’ve been there,” wrote Codenomicon on its website.
As of Tuesday evening, multiple websites said they were fixing or had already fixed the security issues, including sites such as Facebook, Yahoo, Google, eBay, and Amazon Web Services.