Keeping Your Credit Card Safe from the Heartbleed Bug

We can’t seem to get enough of online shopping. Canadians spent a whopping $18.9 billion online in 2012, according to Statistics Canada. Over half of Canadians (56 per cent) made an online purchase, spending an average of $1,450 over 13 transactions. If you’re one of the millions of Canadians who shopped online, chances are you used your credit card at least once.

Last Monday news broke about the biggest internet security breach in history. The Heartbleed bug left the passwords of up to 66 per cent of all Internet accounts vulnerable. Earlier this week Canada Revenue Agency said that 900 SINs were stolen due to the bug. Not only are usernames and passwords fair game for hackers, credit card numbers are, too.

Not-So-Secure Websites

Websites you thought were secure may not be as secure as you think. Heartbleed took advantage of a flaw in secure website – website addresses beginning with “https.” The “s” is supposed to stand for secure, but we’re learning that wasn’t necessarily the case. A savvy cybercriminal could have taken advantage of the Heartbleed bug to steal your personal information.

If you’ve logged into one of the millions of websites website affected by the Heartbleed bug, your personal information, including credit card numbers could be compromised. Your credit card information could have been stolen and sold on the black market without ever knowing it.

Protecting Your Personal Information

It’s important to be proactive when it comes to cyber security. Here are some steps to take to protect yourself from the Heartbleed bug after the fact.

Credit Reports. If you think you may have been affected by Heartbleed, it’s important to watch your credit history like a hawk. Review your credit report once a year like clockwork. You’re entitled to one free credit report by mail from Equifax Canada and TransUnion Canada. If you suspect you’ve been a victim of fraud, advise the credit rating agencies immediately, so fraud alerts can be put in place.

Financial Accounts. Once a thief has your credit card information, they’re likely to start with a few small purchases. Once they’ve tested your card out, they’re more likely to go out on a shopping spree at your expense. Although credit cards like MasterCard and Visa offer zero liability on unauthorized expenses, it can be time-consuming and a pain in the neck to prove your case, as well as repair any damage that has been done to your credit history.

To avoid this situation together, it’s important to keep a close eye on your financial statements. Review your credit card statement line by line on a monthly basis. If you spot any suspicious charges, report them to your credit card company immediately.

Change Usernames and Passwords. If you’ve ever stored personal information, such as credit card numbers, at the websites of online merchants, it’s important to update usernames and passwords immediately once the Heartbleed bug has been patched. Also, delete your credit card information from all websites. How do you know which sites may have been affected? A nifty tool called LastPass Heartbleed checker lets you see if a website was ever vulnerable and whether it’s now safe to use.

If Heartbleed has taught us anything, it’s that you need to be extra careful when entering personal information online. Before you make your next online purchase, make sure you’re entering your credit card information on a secure website. The last thing you want is for your credit card number to end up in the hands of cybercriminals.