Heartbleed bug 'could affect 50% of websites'

  • Hackers
The padlock logo indicates that a company is using the OpenSSL security programme Credit: Tim Goode/EMPICS Entertainment

Around half of all websites are vulnerable to a security glitch which may allow hackers to access passwords and possibly financial information, a tech expert has told ITV News.

The Heartbleed bug affects OpenSSL, the product which puts a small padlock symbol on a website to reassure customers and users that their data is safe.

There have been warnings that people should "change all of their passwords" to secure themselves against the possible threat.

Mike Butcher, the editor of TechCrunch Europe, warned that smaller firms may not know they are vulnerable.

Fortunately, Finnish security firm Codenomicon has already set up a dedicated website to help users and companies protect themselves against the new threat.

Another site, LastPass, has a 'Heartbleed Checker' that lets a user type in a web address to see if a site is at risk from the bug.

Big firms including Facebook,Twitter and Instagram have already released statements to reassure their users that they are upgrading their defences against hacking.

Instagram said they had found "no evidence" of any attempted data theft, while Facebook said they had not seen "any signs of suspicious account activity".

Other firms, such as jobs networking site LinkedIn, said they had not used OpenSSL in the first place and were therefore not at risk.