Updated Wed, Apr 9, 2014 4:24 pm
Passwords and other sensitive data are at risk after security researchers discovered a problem with an encryption technology used to securely transmit email, e-commerce transactions, social networking posts and other Web traffic.
The problem was found in OpenSSL, a technology that is the basis for encrypting Web traffic. Researchers say that OpenSSL is used by two of the most widely used Web server software, Apache and nginx. That means many websites potentially have this security flaw, nicknamed Heartbleed.
Researchers say the technology is also used to secure email, chats and virtual private networks, which are used by employees to connect securely with corporate networks.
Ohio University’s Office of Information Technology is urging users of its Virtual Private Network (VPN) to change their passwords after the security flaw was discovered.
The university’s OIT office said it has taken its VPN offline to fix the security flaw.
The flaw was discovered independently by researchers at Google and the Finnish security firm Codenomicon.
If you want to check to see if a website you use is vulnerable, click here.