The Heartbleed security problem with SSL has been big news this week but who was hit and what do you need to do?
The problem for gamers is the fact that so many well used sites such as email providers and social media outlets were also affected and more often that not these logins and emails are the same as people’s game logins. Sites such as Yahoo, Google and Facebook were vulnerable so you can imagine the chaos and panic it has caused with Internet users. Mashable has a good list up now which shows who was affected that is not related to gaming
The good news is most services were quick to react and resolved the issue quite quickly but that doesn’t mean everyone is in the clear. The advice being given is to change passwords so there’s less chance of any damage being done. Even on services that were not affected in case a password or other secure information was the same as one used on site that was affected.
We’ve been checking out who in the world of PC gaming has been affected, what action has been taken, and what you’re being advised to do.
Not affected but still change your password.
- Battle.Net
- ArenaNet
- EVE
- Marvel Heroes
Fixed and change your password.
- Steam
- Minecraft
- Wargaming
- League of Legends
- GOG
- Origin
- SOE
- Humble Bundle
- Path of Exile
Still Unknown but change the password anyway.
- Twitch
The bottom line is that it’s best to just change all your passwords wherever you use them then you’ll know that you’re safe. If you are still not sure what all the fuss is about here’s an explanation which we posted earlier in the week.
The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).
The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop communications, steal data directly from the services and users and to impersonate services and users
