Heartbleed Security Issue Prompts Password Change Notices

Gear Diary is reader-supported. When you buy through links posted on our site, we may earn a commission at no cost to you.

You can learn more by clicking here.

Heartbleed security issue

The Heartbleed Security Issue is here. I tried out the Leap Motion controller last year; it’s a “hands free” device (small box) the connects to Mac and PC computers with accompanying software where hand gestures look to replace the traditional computer mouse during interactions.

This service recently sent me the following notice regarding the Heartbleed Security Issue:

Hello,

At Leap Motion, we take your account security very seriously. On Tuesday, we were informed of a major vulnerability, dubbed Heartbleed, within one of the Internet’s main security protocols. A great number of services across the internet – including Airspace – may have been affected by this issue.

Since learning of the vulnerability, we’ve been taking the proper measures to ensure the security of Airspace, and the bug has been patched. Our customers’ payment information, including credit card numbers, were not affected by the bug. We also have no indication that any data was compromised.

Nonetheless, we encourage you to change your Leap Motion account password. If you have any questions, please reach out to our customer support team.

Thanks,
Leap Motion

Codenomicon and Google Security found the issue throughout widely used website technology that use OpenSSL protection/encryption (e.g. https://…). In a nutshell, the Heartbleed security issue means that the closed padlock you usually see in your browser’s address bar — the one that tells you that your connection is secure — has been compromised. Heartbleed made it possible for its users to access your supposedly encrypted information.

Leap Motion certainly isn’t the only service that uses https, and they aren’t the only company that is worried about whether their files were compromised. Without knowing the full facts, it’s hard to know whether to let companies fix this issue or spend the time changing several personal Web accounts. Users can try a Heartbleed test, can look for company notifications, and can change their Web account information, which is definitely a way to proactively boost security.

What do you think of this Heartbleed security issue? Time to panic, or should we wait and see?

As an Amazon Associate, we earn from qualifying purchases. Thanks for your support!


About the Author

Gear Diary Staff
Gear Diary was founded on September 30, 2006, with the goal to create a website that would not easily be labeled. Everyone who is part of Gear Diary is a professional who uses technology in their work and daily lives. On this site, we share our enthusiasm while exploring the gear we use — the equipment that makes our lives easier, more entertaining, more productive, and more manageable. Our hope is that Gear Diary visitors find this site to be a welcoming, friendly, and accessible place to learn about and discuss interesting topics — and not only those that are tech-related! Gear Diary is a place to discover and explore all kinds of new gear, including smartphones, computers, kitchen gadgets, Toys, EDC, camping gear, or even your next new car! You can follow us on Twitter @GearDiarySite.

2 Comments on "Heartbleed Security Issue Prompts Password Change Notices"

  1. Doug Miller | April 12, 2014 at 10:26 am |

    I’m not panicking, but it’s always annoying when you need to go through and change passwords for services, particularly when they are not all that critical and their use doesn’t really expose personal info. The read later service Pocket sent an email suggesting an email change. I did it, but now that means that a bunch of apps on my iPad need to be reconfigured. It’s more annoying than anything, and, what’s the worst that can happen? Other people can access or read material I’ve saved for myself to read later?

    Still, I change the PW and go through the annoyance. Perhaps more annoying than Pocket are the services that I know were susceptible to compromise but that have not sent any notification to their users – Yahoo mail, I believe Google as well. At the very least we users deserve notification, right? At least Pocket, ITTT.com, Lastpass, and 1Password have let me know where their services stand.

    • Mike Siebenaler | April 15, 2014 at 10:05 pm |

      Nice points. Yes, a necessary annoyance if we want to use the technology. Definitely a customer service test right now for these well varied companies.

Comments are closed.