Notice to Reset all Online Logins
|R&D Legal Bookkeeping
R&D wants to remind you the importance of using a bookkeeping service that is security conscious. In doing so we would like to make sure that you are aware of the following information regarding security of your accounts. Simply they are advising you to reset your online login credentials.
Please read the notice in detail below:
On Monday a team of researchers from Google disclosed that a major online security vulnerability dubbed “Heartbleed” could put your personal information at risk, including passwords, credit card information and e-mails.
“Heartbleed is a flaw in OpenSSL, an open-source encryption technology that is used by an estimated two-thirds of Web servers. It is behind many HTTPS sites that collect personal or financial information. These sites are typically indicated by a lock icon in the browser to let site visitors know the information they’re sending online is hidden from prying eyes.
Cybercriminals could exploit the bug to access visitors’ personal data as well as a site’s cryptographic keys, which can be used to impersonate that site and collect even more information.” – Heather Kelly, CNN
Sites affected by the bug include Google, Facebook, Yahoo, Intuit, Dropbox, Eventbrite, and over one million more.
The US Department of Homeland Security states to “Closely monitor your email accounts, bank accounts, social media accounts, and other online assets for irregular or suspicious activity, such as abnormal purchases or messages.”
All of the affected web services mentioned above have patched the exploit, but as a precaution it is highly recommend you change your login information for all of your online accounts. Remember to never re-use passwords across websites. Consider looking into a secure password manage such as LastPass.com, who also offers a free tool to check which sites have fixed the security issue (Lastpass.com/heartbleed/).
Malicious parties may also use this time to send fraudulent emails asking you to click a link to reset your passwords. Never log in to a link you have clicked in an email!