There's a big problem with one of the tools used to protect your data as it travels over the Internet.
The bug, revealed on Monday by security researchers at Google and at an independent firm called Codenomicon, is called Heartbleed, and it compromises at least 66 percent of active websites, according to the team that discovered it.
Whenever data (passwords, usernames, etc.) is sent through the Internet, it gets encrypted, or turned into a code, so hackers can't access it. What makes the Heartbleed flaw truly scary is that it can allow hackers to break that encryption and access to your emails, passwords, documents and instant messages across such a large swath of the Internet. Though just discovered, this bug has likely existed for two years.
In short, it's a nightmare. So how can you protect yourself now?
You can and should check to see if websites you frequent have been impacted by the bug before you visit them again. You can download this Chrome extension, Chromebleed, that warns you when a site you're visiting has been affected.
You can also plug in a website to check if it's impacted on this webpage set up by Italian security consultant Filippo Valsorda. This test is not foolproof though, so don't rely on it alone.
Two sites that are known to have been impacted are Yahoo and Amazon, though both have said that they are in the process of fixing the vulnerability on their ends. (According to Valsorda's site, Yahoo and Amazon have already been patched.) OkCupid has also been affected by Heartbleed.
What else should you do? Watch your bank and credit card statements for unusual activity, since that information could be accessed by hackers. Some sites, like the tech news outlet Ars Technica, are asking users to change their passwords. Don't go around changing all of your passwords unless a site directs you to, though. Too much password changing could "exacerbate the problem," security experts tell CNET.
If you're especially paranoid, you might be best off just staying offline for a few days. "If you need strong anonymity or privacy on the Internet, you might want to stay away from the Internet entirely for the next few days while things settle," wrote Roger Dingedine, the president of Internet anonymity software company Tor.
Ultimately, it's up to the Internet companies we use and trust to fix the bug, so there's not a ton you can do on your own to combat it. "Service providers and users have to install the fix as it becomes available for the operating systems, networked appliances and software they use," Heartbleed.com, a site set up to explain the security flaw, reads. Until a site installs a fix, we're all left vulnerable.
How to vote
Vote-by-mail ballot request deadline: Varies by state
For the Nov 3 election: States are making it easier for citizens to vote absentee by mail this year due to the coronavirus. Each state has its own rules for mail-in absentee voting. Visit your state election office website to find out if you can vote by mail.Get more informationTrack ballot status
In-person early voting dates: Varies by state
Sometimes circumstances make it hard or impossible for you to vote on Election Day. But your state may let you vote during a designated early voting period. You don't need an excuse to vote early. Visit your state election office website to find out whether they offer early voting.My Election Office
General Election: Nov 3, 2020
Polling hours on Election Day: Varies by state/localityMy Polling Place