Heartbleed 101

Heard of Heartbleed? No, it’s not a new not-for-profit, but it’s definitely something not-for-profits should pay attention to. Heartbleed is being called one of the biggest threats to internet security so far, so what does it mean for your organisation?


Heartbleed is the name of a flaw found in OpenSSL, an extremely common security layer maintained as an open-source project by a small group of developers. OpenSSL is the most popular implementation of TLS (Transport Layer Security), and is designed to make websites trustworthy and recognisable to consumers and to protect their privacy and transactions.

A flaw in this system, Heartbleed, now means that sensitive information can be easily exposed to those who go looking for it.

What can you do to protect yourself?

As an individual, it’s simple: change your passwords. You may have started to receive notifications from internet giants asking you to change your passwords. For a full list of websites that have been compromised click here.

As a leader of an organisation, your IT department will need to update to the new version of OpenSSL, which is a fairly straightforward process. However, your organisation may not be using OpenSSL. If your organisation is too small to warrant an IT department, check with your web host, and with any third parties through which you collect donor information, whether security has been breached.

So why did Heartbleed make headlines?

Heartbleed is considered one of the biggest threats to internet security because it affected so many websites. According to Mashable, secure websites with “https” in the URL (“s” stands for secure) make up 56% of websites, and nearly half of those sites were vulnerable to the bug.

Brands like Google and Facebook knew of Heartbleed before the public announcement on April 7, but many brands like Amazon, Twitter and Yahoo were none the wiser. It was also worrying for many tech leaders because it was impossible to tell if security had or has been breached. All that was clear was that the bug existed.

So who is behind Heartbleed?

The source is unknown; however, initial arrests have been made of those taking advantage of the breach.

What is known is who found it. Neel Mehta of Google security discovered Heartbleed around March 21st. Since then, Facebook and Microsoft have donated $US15,000 to Neel via the Internet Bug Bounty program. Mehta chose to give the funds to the Freedom of the Press Foundation.

About Us

Hi, we’re ntegrity, an award winning digital agency in Melbourne, Australia. We specialise in digital strategy, digital marketing, and training, and aim to operate as an extension of your team.
