Heartbleed bug: Change these passwords

National & World
This is an archived article and the information in the article may be outdated. Please look at the time stamp on the story to see when it was last updated.

By Jose Pagliery

NEW YORK (CNNMoney) — Websites are racing to patch the Heartbleed bug, the worst security hole the Internet has ever seen.

As sites fix the bug on their end, it’s time for you to change your passwords. The Heartbleed bug allowed information leaks from a key safety feature that is supposed to keep your online communication private — email, banking, shopping, and passwords.

Don’t change all your passwords yet, though. If a company hasn’t yet updated its site, you still can’t connect safely. A new password would be compromised too.

Many companies are not informing their customers of the danger — or asking them to update their log-in credentials. So, here’s a handy password list. It’ll be updated as companies respond to CNN’s questions.

Change these passwords now (they were patched)

  • Google
  • YouTube
  • Gmail
  • Facebook
  • Yahoo
  • Yahoo Mail
  • Tumblr
  • Flickr
  • OKCupid
  • Wikipedia

Don’t worry about these (they don’t use the affected software, or ran a different version)

  • Amazon
  • AOL
  • Mapquest
  • Bank of America
  • Capital One bank
  • Charles Schwab
  • Chase bank
  • Citibank
  • E*Trade Fidelity
  • HSBC bank
  • LinkedIn
  • Microsoft
  • Hotmail
  • Outlook
  • PayPal
  • PNC bank
  • Scottrade TD
  • Ameritrade
  • Twitter
  • U.S. Bank
  • Vanguard
  • Wells Fargo

Don’t change these passwords yet (still unclear, no response)

  • American Express Apple
  • iCloud
  • iTunes
  • Healthcare.gov

™ & © 2014 Cable News Network, Inc., a Time Warner Company. All rights reserved.

Most Popular

Latest News

More News