Hackers leave no trace
Surfers recognize secured connections through the tiny lock in the address bar or the https prefix in web addresses, instead of the more familiar http. These connections are secured through the OpenSSL software and normally guarantee that the shared information is safe. With Heartbleed, hackers can very easily view and gather that information, to obtain usernames and passwords.
That is not only a hazard for the user, but also a huge problem for every web shop. Apparently, the bug has been around for over two years and whoever uses it, leaves no trace at all. Every online retailer who uses a system with the Heartbleed leak cannot guarantee the safety of the payment information customers have sent in this time frame.
Consumer trust harmed
Changing your information is quite futile, as hackers can view that information as well for as long as the leak has not been fixed. Safety expert Mark Seiden told the New York Times that surfers should not do anything “until the web services have made their sites secure”.
It is estimated that about half of all web servers use OpenSSL, which clearly demonstrates the size of the problem. There has been a fix for the problem and major sites have already plugged the backdoor, but it is proof that this type of leak harms the faith consumers may have in online purchases.
