Click here for local radar

Heartbleed: What passwords you should change right now


NEW YORK (CNNMoney) — Websites are racing to patch the Heartbleed bug, the worst security hole the Internet has ever seen.

As sites fix the bug on their end, it’s time for you to change your passwords. The Heartbleed bug allowed information leaks from a key safety feature that is supposed to keep your online communication private — email, banking, shopping, and passwords.

Don’t change all your passwords yet, though. If a company hasn’t yet updated its site, you still can’t connect safely. A new password would be compromised too.

Many companies are not informing their customers of the danger — or asking them to update their log-in credentials. So, here’s a handy password list. It’ll be updated as companies respond to CNN’s questions.

Change these passwords now (they were patched)

Airbnb Google, YouTube and Gmail Facebook Yahoo, Yahoo Mail, Tumblr, Flickr OKCupid Pinterest Wikipedia

Don’t worry about these (they don’t use the affected software, or ran a different version)

Amazon Apple, iCloud and iTunes AOL and Mapquest Bank of America BECU Capital One bank Charles Schwab Chase bank Citibank E*Trade Fidelity (Health Department said “security protections prevent this vulnerability from occurring.”) HSBC bank Hulu LinkedIn Microsoft, Hotmail and Outlook PayPal PNC bank Scottrade TD Ameritrade Twitter U.S. Bank Vanguard Wells Fargo

Don’t change these passwords yet (still unclear, no response)

American Express

Suggest a correction


Comments are closed.


Get every new post delivered to your Inbox.

Join 2,433 other followers