MANILA, Philippines - Beware of the “Heartbleed bug” when transacting over the Internet.
Credit Card Association of the Philippines (CCAP) executive director and spokesperson Alex Ilagan said the Internet bug allows hackers to gain access to usernames, passwords, personal information and credit card information.
“Hackers can steal the server’s digital keys, which are used to encrypt communications, internal documents and user’s personal data. This in turn contains credit card information, which is used to purchase products and pay for services online,” he said.
Internet research firm Netcraft said around 500,000 foreign websites, including email service providers, social media and popular websites, could have been affected by Heartbleed.
Ilagan said there are no documented accounts so far that Heartbleed penetrated any online platform of banks and other websites in the country.
“Our member banks have their own security parameters in place against all threats that may compromise the sensitive and private information of their clients,” he said.
He said a system-breach among the country’s banks is also unlikely, as most of them use unique high-level data security and encryption measures.
Even then, the CCAP urged the public to be extra cautious while transacting over the Internet.
“We strongly suggest for our dear credit cardholders to simply research using their preferred search engine. The list also specifies if the website has patched defenses against Heartbleed,” Ilagan said.
The public is also advised to change their passwords, particularly if they have major accounts on websites listed as affected and have been patched against Heartbleed.
The practice of using the same password in different websites, especially in banks and credit card websites, is being discouraged.
“Please be vigilant and make sure that one keeps an eye on sensitive online accounts. Bank and email accounts should be continuously monitored for suspicious activity,” Ilagan said.