It's been over three weeks now since word got out about Heartbleed, also known as the security bug that was able to use an encryption code flaw to steal information from sites that most people trusted, like Facebook, Google, YouTube, Yahoo and Wikipedia. The flaw was around for two years, and nobody knew about it.
This was a big deal, it was all over the news and people were, rightfully, freaking out. But how much of an impact did it have on the average person?
Actually, it was probably not as big of one as you might think.
According to a new Pew poll, released on Wednesday, in which 1,500 people were surveyed about the bug, it turns out that while 60% of adults, and 64% of Internet users, had heard of it, only 39% of those users actually changed their passwords or canceled their accounts.
That means that 61% of the Internet did absolutely nothing to protect themselves. And it seems to be because people still have the sense that their information is safe, despite such a major security flaw being exposed.
The survey found that while 29% believed their information was at risk, only 6% of Internet users believe that their information was actually stolen.
Overall, 46% of the users surveyed said that they believed their information is "somewhat secure," while 23% said that it is "very secure," and 26% believe that their information is "not too secure" or "not at all secure."
Part of the problem was awareness. While the report did show that 60% knew about it, the story was also overshadowed by other stories, including the crisis between Russia and Ukraine. Only 19% of those surveyed said that they heard "a lot" about Heartbleed, while 41% said they heard "a little."
Also, those who had heard about it tended to be well educated and have higher incomes, despite the fact that anyone with an Internet connection was vulnerable. 77% of those with college educations were aware of Heartbleed, along with 75% of those living in households earning $75,000 or more.
It was also those upscale users who felt vulnerable, with 38% of online Americans with college or graduate degrees saying that they thought their information was put at risk, and 34% of the internet users living in households earning $75,000 or more. That is compared to 23% with a high school diploma or less, and 25% living in households earning less than $30,000.
And, of course, the educated and wealthy were the ones who actually protected themselves against the bug.
The fact that so few people were aware of the impact of Heartbleed, and were worried enough to take simple steps to protect themselves shows failure on two fronts: first, the media, for not presenting this story in a way that they could potentially understand. And, second, the companies who were affected, who did as little as possible to help their users who may have been affected.
I think that I received one e-mail from one company telling me to change my password, and that was from Twitter. Nobody else said anything about it.
(Image source: pcmag.com)