The breach lasted from mid-May through July. The hackers accessed people’s names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. They also stole credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people. And they grabbed personal information of people in the UK and Canada too.
U.S. Central Intelligence WikiLeaks 8,761 Documents and Files
On Tuesday, March 7, 2017 WikiLeaks began publishing the first full part “Year 0” of its “Vault 7” series of 8,761 documents and files allegedly from an isolated, high-security network situated inside the CIA’s Center for Cyber Intelligence in Langley, Virginia.
According to WikiLeaks:
“By the end of 2016, the CIA’s hacking division, which formally falls under the agency’s Center for Cyber Intelligence (CCI), had over 5000 registered users and had produced more than a thousand hacking systems, trojans, viruses, and other “weaponized” malware. Such is the scale of the CIA’s undertaking that by 2016, its hackers had utilized more code than that used to run Facebook. The CIA had created, in effect, its “own NSA” with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified.”
The publishing of this information compromised a significant amount of cyber security information that was not previously public. It publicly disclosed the confidential Cyber Security tools allegedly used by the CIA.
For more detailed information:
Vault 7: CIA Hacking Tools Revealed (WikiLeaks, 03-07,2017)
WikiLeaks Dumps Docs on CIA’s Hacking Tools (KrebsonSecurity, 03-08-17)
DNC Email Servers – 19,252 Emails and 8,034 Attachments
On Friday 22 July 2016 at 10:30am EDT, WikiLeaks releases 19,252 emails and 8,034 attachments from the top of the US Democratic National Committee. The leaks come from the accounts of seven key figures in the DNC:
- Communications Director Luis Miranda (10770 emails – mirandal@dnc.org)
- National Finance Director Jordon Kaplan (3797 emails – kaplanj@dnc.org)
- Finance Chief of Staff Scott Comer (3095 emails – comers@dnc.org)
- Finance Director of Data & Strategic Initiatives Daniel Parrish (1472 emails – parrishd@dnc.org)
- Finance Director Allen Zachary (1611 emails – zallen@tipahconsulting.com)
- Senior Advisor Andrew Wright (938 emails – wrighta@dnc.org – stowe@dnc.org)
- Northern California Finance Director Robert (Erik) Stowe (751 emails).
The emails cover the period from January last year until 25 May this year.
Here’s the link to the Wikileaks site that provides the database of emails.
Chick-fil-A Reports Possible Data Breach
On January 2, 2015, Chick-Fil-A reported a possible data breach of 9,000 records.
Morgan Stanley Data Breach
On 12/27/2014 a Morgan Stanley employee is alleged to have taken account information from 900 clients and partial information form 10% of the Wealth Management Clients.
Heartbleed List of Vulnerable Servers
Update: 04/10/2014 – The list below are the websites that were vulnerable as of April 8, 2014 at 16:00 UTC. However, OpenSSL (1.0.1 to 1.0.1f) that uses the TLS heartbeat extension is used by almost every major website including Google, Twitter, Amazon, Yahoo, Microsoft as well as the major Web Hosting Providers. In the last 24-48 hours, the companies are now acknowledging they have implemented the fixes (upgraded to OpenSSL 1.0.1g or recompliled with the -DOPENSSL_NO_HEARTBEATS flag). So I would imagine that most IT Security Professionals will be recommending that all passwords be changed several times in the upcoming weeks and never reusing an old password.
Here’s the list of servers that were vulnerable to the Heartbleed Bug as of April 8, 2014 16:00 UTC as reported on a Heartbleed-Masstest.
1001freefonts.com… vulnerable.
101domain.com… vulnerable.
123rf.com… vulnerable.
18qt.com… vulnerable.
1c-bitrix.ru… vulnerable.
24tv.ua… vulnerable.
2gis.ru… vulnerable.
444.hu… vulnerable.
500px.com… vulnerable.
518.com.tw… vulnerable.
55188.com… vulnerable.
99wed.com… vulnerable.
a2hosting.com… vulnerable.
abakus-internet-marketing.de… vulnerable.
adage.com… vulnerable.
addthis.com… vulnerable.
adf.ly… vulnerable.
adscendmedia.com… vulnerable.
adshostnet.com… vulnerable.
adslzone.net… vulnerable.
adultbay.org… vulnerable.
adworkmedia.com… vulnerable.
adxcore.com… vulnerable.
affiliatewindow.com… vulnerable.
affilorama.com… vulnerable.
afrihost.com… vulnerable.
afterbuy.de… vulnerable.
alfajertv.com… vulnerable.
alkislarlayasiyorum.com… vulnerable.
all-union.com… vulnerable.
amung.us… vulnerable.
androidcentral.com… vulnerable.
androidpit.com… vulnerable.
androidpit.de… vulnerable.
androidpolice.com… vulnerable.
animoto.com… vulnerable.
apktops.ir… vulnerable.
aplus.com… vulnerable.
appannie.com… vulnerable.
appcelerator.com… vulnerable.
appthemes.com… vulnerable.
archive.org… vulnerable.
aremo.com.br… vulnerable.
arioo.com… vulnerable.
arstechnica.com… vulnerable.
arvixe.com… vulnerable.
asiatech.ir… vulnerable.
astro.com… vulnerable.
attracta.com… vulnerable.
authorityroi.com… vulnerable.
avazutracking.net… vulnerable.
avito.ma… vulnerable.
avito.ru… vulnerable.
avsforum.com… vulnerable.
awempire.com… vulnerable.
ay.gy… vulnerable.
azhibo.com… vulnerable.
bab.la… vulnerable.
bahseazad.ir… vulnerable.
banglanews24.com… vulnerable.
bannersbroker.com… vulnerable.
barchart.com… vulnerable.
barclaycardus.com… vulnerable.
basketball-reference.com… vulnerable.
baskino.com… vulnerable.
bavotasan.com… vulnerable.
beeg.com… vulnerable.
beliefnet.com… vulnerable.
berlin.de… vulnerable.
bibsonomy.org… vulnerable.
bidorbuy.co.za… vulnerable.
bigpoint.com… vulnerable.
billionuploads.com… vulnerable.
bimlatino.com… vulnerable.
biography.com… vulnerable.
bitterstrawberry.com… vulnerable.
bittorrent.com… vulnerable.
bizdec.ru… vulnerable.
bizpowa.com… vulnerable.
bizrate.com… vulnerable.
blip.tv… vulnerable.
blizko.ru… vulnerable.
bomnegocio.com… vulnerable.
bplans.com… vulnerable.
breitbart.com… vulnerable.
btcclicks.com… vulnerable.
buenosaires.gob.ar… vulnerable.
bytes.com… vulnerable.
cabelas.com… vulnerable.
castorama.fr… vulnerable.
cbr.ru… vulnerable.
cdn4711.net… vulnerable.
championat.com… vulnerable.
chaturbate.com… vulnerable.
check24.de… vulnerable.
cheezburger.com… vulnerable.
chefkoch.de… vulnerable.
chess.com… vulnerable.
christianpost.com… vulnerable.
cifraclub.com.br… vulnerable.
cinepolis.com… vulnerable.
cinepolis.com.mx… vulnerable.
citruspay.com… vulnerable.
city-data.com… vulnerable.
classifiedads.com… vulnerable.
clickey.com… vulnerable.
clickprime8.com… vulnerable.
coderanch.com… vulnerable.
coinmill.com… vulnerable.
competitor.com… vulnerable.
congratulations-you-won.com… vulnerable.
cooperativa.cl… vulnerable.
copy.com… vulnerable.
cpasuperaffiliate.com… vulnerable.
cplusplus.com… vulnerable.
creativecommons.org… vulnerable.
creditkarma.com… vulnerable.
csfd.cz… vulnerable.
cuisineaz.com… vulnerable.
customink.com… vulnerable.
cyberchimps.com… vulnerable.
cyberciti.biz… vulnerable.
dailybasis.com… vulnerable.
dailycaller.com… vulnerable.
darty.com… vulnerable.
dastelefonbuch.de… vulnerable.
datropy.com… vulnerable.
daveramsey.com… vulnerable.
dek-d.com… vulnerable.
depositfiles.com… vulnerable.
depositfiles.org… vulnerable.
deseretnews.com… vulnerable.
designmodo.com… vulnerable.
dev7studios.com… vulnerable.
dfiles.eu… vulnerable.
dfiles.ru… vulnerable.
dha.com.tr… vulnerable.
dhnet.be… vulnerable.
diepresse.com… vulnerable.
digitalmarketer.com… vulnerable.
digitalpoint.com… vulnerable.
digitalriver.com… vulnerable.
digitaltrends.com… vulnerable.
directadmin.com… vulnerable.
dl-protect.com… vulnerable.
dlisted.com… vulnerable.
docnhat.net… vulnerable.
domainnamesales.com… vulnerable.
doodle.com… vulnerable.
down1oads.com… vulnerable.
downloadab.com… vulnerable.
dramafever.com… vulnerable.
draugiem.lv… vulnerable.
dreamstime.com… vulnerable.
dressupgamesite.com… vulnerable.
drugs.com… vulnerable.
dsdomination.com… vulnerable.
duke.edu… vulnerable.
dynadot.com… vulnerable.
ebesucher.de… vulnerable.
economist.com… vulnerable.
ecosia.org… vulnerable.
edgecastcdn.net… vulnerable.
edlen24.com… vulnerable.
ee.co.uk… vulnerable.
efukt.com… vulnerable.
elegantthemes.com… vulnerable.
elitetorrent.net… vulnerable.
elle.fr… vulnerable.
encuentra24.com… vulnerable.
enter.ru… vulnerable.
entrepreneur.com… vulnerable.
entropay.com… vulnerable.
eprize.com… vulnerable.
europe1.fr… vulnerable.
eventbrite.co.uk… vulnerable.
eventbrite.com… vulnerable.
evsuite.com… vulnerable.
exactseek.com… vulnerable.
example.com… vulnerable.
expatriates.com… vulnerable.
extremetracking.com… vulnerable.
fab.com… vulnerable.
fancy.com… vulnerable.
fark.com… vulnerable.
farnell.com… vulnerable.
farsisubtitle.com… vulnerable.
fast-torrent.ru… vulnerable.
fatwallet.com… vulnerable.
favstar.fm… vulnerable.
feebbo.com… vulnerable.
fermasosedi.ru… vulnerable.
fide.com… vulnerable.
filelist.ro… vulnerable.
filmaffinity.com… vulnerable.
final.ir… vulnerable.
fineartamerica.com… vulnerable.
fitbit.com… vulnerable.
fizzle.co… vulnerable.
flamingtext.com… vulnerable.
flexmls.com… vulnerable.
flickr.com… vulnerable.
flightaware.com… vulnerable.
fontpalace.com… vulnerable.
fool.com… not vulnerable.
foozine.com… vulnerable.
fotki.com… vulnerable.
free-ebooks.net… vulnerable.
freelogoservices.com… vulnerable.
freelotto.com… vulnerable.
friendorfollow.com… vulnerable.
full-stream.net… vulnerable.
funnie.st… vulnerable.
futbol24.com… vulnerable.
gazzetta.gr… vulnerable.
ge.tt… vulnerable.
gelbeseiten.de… vulnerable.
getrichradio.com… vulnerable.
getsatisfaction.com… vulnerable.
gfan.com… vulnerable.
ghatreh.com… vulnerable.
gi-akademie.com… vulnerable.
gi-backoffice.com… vulnerable.
giga.de… vulnerable.
globallshare.com… vulnerable.
globus-inter.com… vulnerable.
gnetwork.biz… vulnerable.
gogetlinks.net… vulnerable.
gogoanime.com… vulnerable.
gogvo.com… vulnerable.
gonzoxxxmovies.com… vulnerable.
gordonua.com… vulnerable.
gorilla-evolution.com… vulnerable.
gorillavid.in… vulnerable.
gov.cl… vulnerable.
graphicstock.com… vulnerable.
graphixshare.com… vulnerable.
grasscity.com… vulnerable.
hammihan.com… vulnerable.
head-fi.org… vulnerable.
healthkart.com… vulnerable.
heritage.org… vulnerable.
hidemyass.com… vulnerable.
hobo-web.co.uk… vulnerable.
holidaylettings.co.uk… vulnerable.
homeshop18.com… vulnerable.
hotnews.ro… vulnerable.
hotukdeals.com… vulnerable.
hrsmart.com… vulnerable.
hsoub.com… vulnerable.
hypovereinsbank.de… vulnerable.
ibtimes.co.in… vulnerable.
ideeli.com… vulnerable.
idwebgame.com… vulnerable.
ifttt.com… vulnerable.
imasters.com.br… vulnerable.
imgsrc.ru… vulnerable.
imperiaonline.org… vulnerable.
inc.com… vulnerable.
indiegogo.com… vulnerable.
indowebster.com… vulnerable.
infogr.am… vulnerable.
informador.com.mx… vulnerable.
infowars.com… vulnerable.
ingbank.pl… vulnerable.
internetdownloadmanager.com… vulnerable.
internetlifestylenetwork.com… vulnerable.
internettrafficformula.com… vulnerable.
invisionpower.com… vulnerable.
invisionzone.com… vulnerable.
ip138.com… vulnerable.
ip2location.com… vulnerable.
izlesene.com… vulnerable.
j.gs… vulnerable.
jango.com… vulnerable.
jasmin.com… vulnerable.
jobisjob.co.in… vulnerable.
jonloomer.com… vulnerable.
joomlaportal.de… vulnerable.
joomlart.com… vulnerable.
joomlashine.com… vulnerable.
joxi.ru… vulnerable.
joyreactor.cc… vulnerable.
jquery4u.com… vulnerable.
jqueryscript.net… vulnerable.
juicyads.com… vulnerable.
jumia.com.ng… vulnerable.
junbi-tracker.com… vulnerable.
kaskus.co.id… vulnerable.
kaspersky.com… vulnerable.
kat.ph… vulnerable.
katestube.com… vulnerable.
keek.com… vulnerable.
kenrockwell.com… vulnerable.
keyandway.com… vulnerable.
khamsat.com… vulnerable.
kickass.to… vulnerable.
kicktipp.de… vulnerable.
kingworldnews.com… vulnerable.
kyivpost.com… vulnerable.
lalibre.be… vulnerable.
lavozdegalicia.es… vulnerable.
lavozdelmuro.com… vulnerable.
leo.org… vulnerable.
letitbit.net… vulnerable.
letras.mus.br… vulnerable.
libsyn.com… vulnerable.
lifo.gr… vulnerable.
lijit.com… vulnerable.
livetv.sx… vulnerable.
lonelyplanet.com… vulnerable.
longtailvideo.com… vulnerable.
longurl.it… vulnerable.
lovoo.net… vulnerable.
lupoporno.com… vulnerable.
luxup.ru… vulnerable.
lyricsmode.com… vulnerable.
m-w.com… vulnerable.
madmimi.com… vulnerable.
mail.com… vulnerable.
majesticseo.com… vulnerable.
mandrillapp.com… vulnerable.
markethealth.com… vulnerable.
marksdailyapple.com… vulnerable.
marunadanmalayali.com… vulnerable.
matadornetwork.com… vulnerable.
maxpark.com… vulnerable.
mci.ir… vulnerable.
mdir.ir… vulnerable.
mediapost.com… vulnerable.
mediatemple.net… vulnerable.
medium.com… vulnerable.
megaindex.ru… vulnerable.
memecenter.com… vulnerable.
mg.gov.br… vulnerable.
mightydeals.com… vulnerable.
millenium.org… vulnerable.
minus.com… vulnerable.
mirtesen.ru… vulnerable.
mobeoffice.com… vulnerable.
mobikwik.com… vulnerable.
mobilelikez.com… vulnerable.
mobypicture.com… vulnerable.
mojo-themes.com… vulnerable.
mojomarketplace.com… vulnerable.
mttbsystem.com… vulnerable.
mubasher.info… vulnerable.
mumsnet.com… vulnerable.
myanimelist.net… vulnerable.
mydealz.de… vulnerable.
myegy.to… vulnerable.
mythemeshop.com… vulnerable.
myus.com… vulnerable.
nanapi.jp… vulnerable.
nascar.com… vulnerable.
nasgo.net… vulnerable.
nationaljournal.com… vulnerable.
naukrigulf.com… vulnerable.
ncsu.edu… vulnerable.
neurs.com… vulnerable.
neurs.net… vulnerable.
newsnow.co.uk… vulnerable.
njuskalo.hr… vulnerable.
nosub.tv… vulnerable.
noulinx.com… vulnerable.
nukistream.com… vulnerable.
ocj.com.cn… vulnerable.
okcupid.com… vulnerable.
okitspace.com… vulnerable.
olx.co.th… vulnerable.
onedio.com… vulnerable.
online-convert.com… vulnerable.
optimizehub.com… vulnerable.
optimizepress.com… vulnerable.
oschina.net… vulnerable.
osclass.org… vulnerable.
outbrain.com… vulnerable.
overclock.net… vulnerable.
paipai.com… vulnerable.
palcomp3.com… vulnerable.
paperblog.com… vulnerable.
paris.fr… vulnerable.
path.com… vulnerable.
pch.com… vulnerable.
pciconcursos.com.br… vulnerable.
peeplo.com… vulnerable.
peerfly.com… vulnerable.
peixeurbano.com.br… vulnerable.
perfectworld.eu… vulnerable.
performancehorizon.com… vulnerable.
petflow.com… vulnerable.
php.net… vulnerable.
phpbb.com… vulnerable.
phpnuke.org… vulnerable.
picmonkey.com… vulnerable.
pik.ba… vulnerable.
pingler.com… vulnerable.
pinkbike.com… vulnerable.
pixeden.com… vulnerable.
playcast.ru… vulnerable.
playxn.com… vulnerable.
polki.pl… vulnerable.
pond5.com… vulnerable.
pons.com… vulnerable.
popads.net… vulnerable.
popupads.ir… vulnerable.
pornyaz.com… vulnerable.
postjoint.com… vulnerable.
powtoon.com… vulnerable.
premiere.fr… vulnerable.
prezentacya.ru… vulnerable.
privatbank.ru… vulnerable.
privatbank.ua… vulnerable.
profitcentr.com… vulnerable.
programmableweb.com… vulnerable.
proranktracker.com… vulnerable.
ptcsolution.com… vulnerable.
pulptastic.com… vulnerable.
q.gs… vulnerable.
qoinpro.com… vulnerable.
qq163.com… vulnerable.
quidco.com… vulnerable.
quirktools.com… vulnerable.
quondos.com… vulnerable.
radiko.jp… vulnerable.
radiojavan.com… vulnerable.
rantlifestyle.com… vulnerable.
rantsports.com… vulnerable.
rapidshare.com… vulnerable.
rarbg.com… vulnerable.
rcgroups.com… vulnerable.
readthedocs.org… vulnerable.
readwrite.com… vulnerable.
realself.com… vulnerable.
rememberthemilk.com… vulnerable.
resellerratings.com… vulnerable.
responsinator.com… vulnerable.
reverbnation.com… vulnerable.
rollingstone.com… vulnerable.
romedic.ro… vulnerable.
roodo.com… vulnerable.
rosnet.ru… vulnerable.
rozetka.com.ua… vulnerable.
safecart.com… vulnerable.
saharareporters.com… vulnerable.
savenkeep.com… vulnerable.
scamadviser.com… vulnerable.
scoop.it… vulnerable.
scoopwhoop.com… vulnerable.
searchenginejournal.com… vulnerable.
searchfunmoods.com… vulnerable.
selfhtml.org… vulnerable.
sendspace.com… vulnerable.
seo-fast.ru… vulnerable.
seocentro.com… vulnerable.
seratnews.ir… vulnerable.
serpbook.com… vulnerable.
seznam.cz… vulnerable.
sh.st… vulnerable.
shaparak.ir… vulnerable.
shopware.de… vulnerable.
shopzilla.com… vulnerable.
similarweb.com… vulnerable.
sinaapp.com… vulnerable.
sinemalar.com… vulnerable.
sixfigurefunnelformula.com… vulnerable.
sixrevisions.com… vulnerable.
skimlinks.com… vulnerable.
skrill.com… vulnerable.
slate.fr… vulnerable.
slimspots.com… vulnerable.
smartbrief.com… vulnerable.
smartinsights.com… vulnerable.
smashwords.com… vulnerable.
sme.sk… vulnerable.
smi2.ru… vulnerable.
socialadr.com… vulnerable.
socialfabric.us… vulnerable.
softcoin.com… vulnerable.
softportal.com… vulnerable.
sogou.com… vulnerable.
solidtrustpay.com… vulnerable.
songmeanings.com… vulnerable.
soup.io… vulnerable.
sparkasse.at… vulnerable.
spartoo.com… vulnerable.
speedyshare.com… vulnerable.
spinding.com… vulnerable.
sportdog.gr… vulnerable.
sports.fr… vulnerable.
springpad.com… vulnerable.
squidoo.com… vulnerable.
srclick.ru… vulnerable.
ss.lv… vulnerable.
ssisurveys.com… vulnerable.
stackexchange.com… vulnerable.
stackoverflow.com… vulnerable.
startimes.com… vulnerable.
static.squarespace.com… vulnerable.
steamcommunity.com… vulnerable.
studiopress.com… vulnerable.
sudaneseonline.com… vulnerable.
swansonvitamins.com… vulnerable.
t24.com.tr… vulnerable.
tagesanzeiger.ch… vulnerable.
talkingpointsmemo.com… vulnerable.
talktalk.co.uk… vulnerable.
taz.de… vulnerable.
technobuffalo.com… vulnerable.
telewebion.com… vulnerable.
telly.com… vulnerable.
templateism.com… vulnerable.
text.ru… vulnerable.
theatlantic.com… vulnerable.
theme.co… vulnerable.
theme123.net… vulnerable.
themefuse.com… vulnerable.
therichest.com… vulnerable.
thestreet.com… vulnerable.
thewire.com… vulnerable.
theync.com… vulnerable.
tokopedia.com… vulnerable.
tomoson.com… vulnerable.
top.de… vulnerable.
topnews.ru… vulnerable.
torcache.net… vulnerable.
toshiba.com… vulnerable.
tractionize.com… vulnerable.
trafficfactory.biz… vulnerable.
transfermarkt.de… vulnerable.
trovit.com… vulnerable.
trovit.com.mx… vulnerable.
trovit.es… vulnerable.
trovit.it… vulnerable.
trthaber.com… vulnerable.
tubegalore.com… vulnerable.
tune.pk… vulnerable.
tuniu.com… vulnerable.
turkcealtyazi.org… vulnerable.
tusfiles.net… vulnerable.
tz4.com… vulnerable.
ubersuggest.org… vulnerable.
ucla.edu… vulnerable.
uiuc.edu… vulnerable.
umd.edu… vulnerable.
unetenet.com… vulnerable.
unionpaysecure.com… vulnerable.
unity3d.com… vulnerable.
uploadbaz.com… vulnerable.
userscripts.org… vulnerable.
uservoice.com… vulnerable.
usmagazine.com… vulnerable.
utorrent.com… vulnerable.
utsandiego.com… vulnerable.
uyan.cc… vulnerable.
vbox7.com… vulnerable.
vic.gov.au… vulnerable.
viki.com… vulnerable.
vipzona.info… vulnerable.
vmoptions.com… vulnerable.
vocabulary.com… vulnerable.
vodafone.co.uk… vulnerable.
vudu.com… vulnerable.
wakeupnow.com… vulnerable.
wanggou.com… vulnerable.
wannonce.com… vulnerable.
wasanga.com… vulnerable.
waseet.net… vulnerable.
watchcric.com… vulnerable.
watchtower.com… vulnerable.
weather.gov… vulnerable.
weathernews.jp… vulnerable.
web.de… vulnerable.
webartex.ru… vulnerable.
webbirga.net… vulnerable.
webempresa.com… vulnerable.
webinarjam.com… vulnerable.
webinarjam.net… vulnerable.
webpagetest.org… vulnerable.
webutations.org… vulnerable.
wenyard.com… vulnerable.
wetransfer.com… vulnerable.
wikispaces.com… vulnerable.
windguru.cz… vulnerable.
wine-searcher.com… vulnerable.
winscp.net… vulnerable.
wisegeek.com… vulnerable.
wisegeek.org… vulnerable.
wistia.com… vulnerable.
wordcounter.net… vulnerable.
work.ua… vulnerable.
worldoftanks.asia… vulnerable.
worldoftanks.com… vulnerable.
worldoftanks.eu… vulnerable.
worldoftanks.ru… vulnerable.
worthofweb.com… vulnerable.
worthytoshare.com… vulnerable.
worthytoshare.net… vulnerable.
wowkeren.com… vulnerable.
wpml.org… vulnerable.
wpmudev.org… vulnerable.
xda-developers.com… vulnerable.
xmarks.com… vulnerable.
xml-sitemaps.com… vulnerable.
xojane.com… vulnerable.
xtool.ru… vulnerable.
xxxbunker.com… vulnerable.
yahoo.com… vulnerable.
yatedo.com… vulnerable.
yify-torrents.com… vulnerable.
yjc.ir… vulnerable.
ymlp.com… vulnerable.
yts.re… vulnerable.
zagat.com… vulnerable.
zap2it.com… vulnerable.
zdf.de… vulnerable.
zenhabits.net… vulnerable.
zeobit.com… vulnerable.
zergnet.com… vulnerable.
zimbra.free.fr… vulnerable.
zive.cz… vulnerable.
zoho.com… vulnerable.
zomato.com… vulnerable.
zone-telechargement.com… vulnerable.
zoom.com.br… vulnerable.
zoomit.ir… vulnerable.
zorpia.com… vulnerable.
zovi.com… vulnerable.
Source
Github.com/musalbas
Heartbleed Bug – SSL Mass Compromise
On April 7, 2014, it was announced that all version OpenSSL 1.0.1 series up to and include 1.0.1f had a severe memory handling bug in the implementation of the TLS Heartbeet Extension. The vulnerability might also reveal parts of the users’ requests and responses that could involve passwords. It is estimated that 17% or 500K of the Internet’s secure web servers might have been vulnerable to this attack.
Cnet is reporting that Yahoo Properties were potentially compromised. This would include Yahoo, Flickr and Tumblr. It is recommended that end users change their Yahoo passwords and do not use a password that they have ever previously used. In other words, create a new password and never re-use and old one.
Here are some resources on this mass compromise.
CNET ‘Heartbleed’ bug undoes Web encryption, reveals Yahoo passwords