Twitter managed to avoid the Heartbleed internet vulnerability

Twitter was not affected by the Heartbleed Internet vulnerability that rocked the Web security world this week, making one less password consumers need to change to protect themselves, but users still need to be careful how they respond to the threat. Heartbleed is a bug in OpenSSL, a tool for securing Web connections, that could let attackers steal data from server memory 64KB at a time. 

News of “Heartbleed,” one of the most catastrophic security vulnerabilities the Web has ever seen, broke earlier this week. In a nutshell, it’ll soon be time to change almost every website password you have. Almost, but not all. If you’ve got a Twitter account, your password and other account information wasn’t accessible to hackers via the Heartbleed flaw, according to the company. “We were able to determine that twitter.com and api.twitter.com servers were not affected by this vulnerability,” Twitter said Tuesday afternoon. A spokesman would not disclose the exact technical reasons Twitter’s systems weren’t vulnerable to the Heartbleed flaw.

Read full article

Comments