Knock knock

Who’s there?


Heartbleed who?

47% of people asked didn’t know

But you remember – right? The Heartbleed Bug is the security vulnerability that went unnoticed (maybe unpublicized is a better word for it) for 2 years, until a patch was introduced on April 7.

Everyone from Facebook to Gmail to Yahoo to your bank was scrambling frantically to make sure that they weren’t susceptible and that their customers weren’t exposed.

The best advice for consumers then still applies today: check that your favorite websites have implemented the patch and are not vulnerable and then change your passwords. Start with critical accounts like banking, and then move to email and social media, moving on down your list until you’ve changed all your passwords.

The majority of key sites will have taken care of the vulnerability by now, but check that your sites are OK before changing your passwords. (Use our tester to see if your favorite websites have deployed the patch.)

With all the excitement about how dangerous Heartbleed was, you’d think that people would have done something, anything to protect themselves. Well, you’d be wrong. Let’s check out some of the statistics (Software Advice conducted this survey):

–          67% of respondents are proud to say they have done nothing as a result of Heartbleed

–          only 53% even know what Heartbleed is

–          (the silver lining – if you want to call it that – is that, rather than guessing from other available multiple choices, 43% were honest enough to admit that they didn’t know what Heartbleed even was)

–          more than 75% said that they received no advice at their workplace about Heartbleed

Another survey (by Pew Research Center) revealed:

–          12% of respondents claimed to be overwhelmed by the idea of changing passwords

–          another 29% of people ‘hadn’t gotten around to’ changing their passwords


It’s been only 5 weeks since the whole world was blown away by the Heartbleed Bug and way too many people have either never heard of it or have already dropped it down the memory hole.

Today, May 16, we did a google search on ‘Heartbleed’ and found only 3 news entries in the first 10 results pages (that’s 3 out of 100 listings!) that were more recent than May 1.

That’s an astonishingly small number given that the risk still exists for most Internet users!

Is that because news outlets think consumers are safe, or that consumers no longer care about the threat?

Knock knock

Who’s there?