Bloomberg: NSA Knew About And ‘Exploited’ Heartbleed For Years

HUFFINGTON POST: The National Security Agency knew of the existence of the catastrophic bug for at least two years and kept it a secret from the public and the cybersecurity community in order to exploit it, according to a bombshell report from Bloomberg News. However, the agency is denying the story…

“NSA was not aware of the recently identified vulnerability in OpenSSL, the so-called Heartbleed vulnerability, until it was made public in a private sector cybersecurity report,” the Office of the Director of National Intelligence said in a statement to HuffPost. “Reports that say otherwise are wrong.” A White House spokesperson also stated that no federal agency was aware of the bug.

First discovered by Google and Codenomicon, a security firm, the Heartbleed bug is a flaw in the encryption used to protect vast number of websites from hackers. The fear is that the bug may expose credit card numbers, passwords and more… (more)

Share