E-Merchants Worried About Heartbleed’s Potential for Data Theft

Web merchants are worried over the Heartbleed Bug, a security flaw that could help hackers steal credit card numbers and other consumer data from within servers that run e-commerce sites. The flaw involves the free, widely used OpenSSL Web encryption tools, which enable website operators to encrypt such data as passwords and payment information. E-commerce operators and other potentially affected businesses have conceded the bug is serious, but reassured consumers that security has been or is being shored up. Amazon, Google, and other major e-commerce players were reportedly found to be secure from Heartbleed following testing. Among the remedial steps experts suggest e-commerce operators should follow are testing their Web infrastructure for flaws, contacting their Web security vendors to get corrective software patches, revoking and reissuing SSL certificates, and monitoring for a rise in chargebacks and other potential fraud indicators. Still, experts estimate that as much as 66 percent of websites worldwide could be impacted by the bug.

[divide]

From “The ‘Heartbleed’ Bug Has E-Retailers’ Hearts Racing With Anxiety”
Internet Retailer (04/09/14) Rueter, Thad