Heatbleed prompted panic in the media, warnings from Internet companies, and suspicion towards the National Security Agency. But was it bad enough to make regular people change their passwords?
Yes, but only 39 percent of the public who heard of the security flaw, according to a new poll from the Pew Internet Center. Heartbleed, a major security flaw in the OpenSSL software used by websites to encrypt data, made at least 500,000 websites vulnerable to security leaks -- something that the NSA might have exploited to gather intelligence information, according to Bloomberg.
In the Heartbleed aftermath, websites like Tumblr and Yahoo sent out emails telling users to change their passwords. Some of them listened. Others? Not so much.
The above graph only includes the "64 percent of Internet users who say they had heard of the Heartbleed bug." That means a lot of people did not change a thing after the security flaw was discovered (and those who did probably picked terrible new passwords).
That lack of concern is probably why 18 percent of Internet users reported that had their personal data -- such as their Social Security Number, credit card or bank account information -- stolen, according to a Pew Research Center poll taken in January.
Changing a password won't help users if the at-risk websites don't fix their security flaws. That is why 13 big tech firms, including Google, Facebook and Amazon, recently committed $3.9 million to fund open-source technology, which includes OpenSSL.