Last week some of the largest websites and email systems in the world were exposed to a bug called Heartbleed.

The bug affects some web servers (those running later versions of OpenSSL), and it has the potential to expose private information users enter into websites, applications, web email and even instant messages.

The Heartbleed bug allows malicious operators to defeat security layers, eavesdrop on communications and and obtain private information such as passwords.

APN (publishers of the Herald) applied patches to our websites last week and we have seen no evidence of malicious activity on our systems, however many social media sites and email systems were affected so we strongly advise all of our readers to do the following:

1. If you use Gmail or Yahoo Mail, change your password. Ensure you do this first.

2. Change your Facebook, Google+, Tumblr and Instagram passwords. It's still not clear whether Twitter has been affected, so we'd suggest changing that too.


3. Change your NZ Herald password. Head here to do that. Once there, click on 'Profile', scroll down and change your password.

If you are on a mobile device then you will need to swap to the desktop site via the link at the bottom of the screen and follow the steps above.

If you have any questions or concerns, please feel free to contact us here.

Read more:
How the Heartbleed bug reveals a flaw in online security