IE 11 is not supported. For an optimal experience visit our site on another browser.

Most Internet Users Ignored Heartbleed, New Poll Shows

The Heartbleed security bug was not enough to make most people change their passwords.
Image: A lock icon, signifying an encrypted Internet connection
Researchers announced on April 7 that they have uncovered a security bug in OpenSLL dubbed Heartbleed.MAL Langsdon / Reuters

Heatbleed prompted panic in the media, warnings from Internet companies, and suspicion towards the National Security Agency. But was it bad enough to make regular people change their passwords?

Yes, but only 39 percent of the public who heard of the security flaw, according to a new poll from the Pew Internet Center. Heartbleed, a major security flaw in the OpenSSL software used by websites to encrypt data, made at least 500,000 websites vulnerable to security leaks -- something that the NSA might have exploited to gather intelligence information, according to Bloomberg.

In the Heartbleed aftermath, websites like Tumblr and Yahoo sent out emails telling users to change their passwords. Some of them listened. Others? Not so much.

Pew Research Center Heartbleed Bug
Pew Research Center

The above graph only includes the "64 percent of Internet users who say they had heard of the Heartbleed bug." That means a lot of people did not change a thing after the security flaw was discovered (and those who did probably picked terrible new passwords).

That lack of concern is probably why 18 percent of Internet users reported that had their personal data -- such as their Social Security Number, credit card or bank account information -- stolen, according to a Pew Research Center poll taken in January.

Changing a password won't help users if the at-risk websites don't fix their security flaws. That is why 13 big tech firms, including Google, Facebook and Amazon, recently committed $3.9 million to fund open-source technology, which includes OpenSSL.