Need Legal Help? Call Now!

The software bug, Heartbleed, is particularly bad news.  It may have compromised as many as 500,000 sites, including some big ones like Yahoo, Google, GoDaddy and Amazon.  It’s also not entirely clear how long this has been going on, so even sites that have been patched may have lost data before the patch was applied.

Determine if your site is affected and, if so, fix it.  Check the security of your own financial information and other external sites you work with.  Then, change all your passwords. Consider investing in some insurance against data loss and make sure that you stay on top of information about cyber threats.  Even if you and your business escaped harm this time, consider it a wake-up call.

What Is Heartbleed?

The flaw affects services and hardware running Linux or Unix-based systems using OpenSSL versions 1.0.1 to 1.0.1f.  Heartbleed threatens the security of online payments.  Visa, for example, has advised all merchants to patch their systems as soon as possible.  It may also compromise your customers’ private information if your business uses an online CRM (Customer Relations Manager). For those without an IT staff, LastPass and consultant Filippo Valsorda (by no means an exhaustive list) have created tools to determine if your site has been affected.

You should be concerned about the security of your own information, as well.  The chart created by Mashable is pretty hair-raising, but it’s a reasonable place to start in assessing your own risk.  You can also just go to your search engine and type in and then the name of the site you want to know about.

Change Your Passwords

Once you determine that your own site and any external sites you use are secure, change your passwords. Some of the most interesting advice comes from “ethical hackers,” who suggest things like two factor authentication or storing all passwords in an encrypted vault.  You probably don’t need to go that far, but at least make sure that all passwords are strong — eight or more characters, no words, no two the same.  Insist that all your employees do this a well.  If you do not already have a policy or a system in place that requires passwords to be changed periodically, this would be a very good time to start.

Consider Insuring Against Data Breach

Remember Target last Christmas?  It isn't just Heartbleed.  Data breaches are a chronic problem.  The smarter your business is, the more sensitive or non-public information you may find yourself storing. Losing information is one level of risk.  Losing a lawsuit because you lost control of a customer's information is another.  This may be the time to consider data breach or cyber liability coverage.

Watch Your News Feed

If you haven't already, think about adding some regular information on cyber threats to your daily reading.  You presumably have enough to do, but one wants to be a couple of weeks late in finding out about this sort of thing.

Protect your business with an on demand legal team

Learn More About General Counsel Select
Legally Sound | Smart Business
A podcast covering business in the news with a legal twist by Pasha Law PC
Legally Sound Smart Business Cover Art

Legally Sound | Smart Business covers the top business stories with a legal twist. Hosted by attorneys Nasir N. Pasha and Matt Staub of Pasha Law, Legally Sound | Smart Business is a podcast geared towards small business owners.

Download the Podcast

Google Podcast Subscribe Apple Podcast Subscribe

Ready to discuss representation for your business?

Pasha Law PC is not the typical law firm. No hourly rates and no surprise bills are its tenants. Our firm's approach is an ideal solution for certain select businesses.

Give us a call at 1-800-991-6504 to schedule an assessment.


Fill out the form assessment below and we'll contact you promptly to find the best time for a consultation with a Pasha Law PC attorney best suited for your business.

Please provide your full name.
Please provide the name of your business.
Please provide a valid email address.
Your phone number is not long enough.
Please provide a valid phone number.
Please provide a zip code of your business.
Please provide a short description of your business.
Please provide the approximate number of employees of your business.
Please provide the approximate number of years you have been in business.