Tuesday, Sep 2, 2014Tuesday, Sep 2, 2014
World
 

NSA denies exploiting 'Heartbleed' vulnerability

Published on Apr 12, 2014 6:13 AM
 
File picture illustration of the word 'password' pictured through a magnifying glass on a computer screen, taken in Berlin on May 21, 2013. The US National Security Agency on Friday denied a report claiming it was aware of and even exploited the "Heartbleed" online security flaw to gather critical intelligence. -- FILE PHOTO: REUTERS

WASHINGTON (AFP) - The US National Security Agency on Friday denied a report claiming it was aware of and even exploited the "Heartbleed" online security flaw to gather critical intelligence.

The stern denial came amid growing panic among Internet users the world over about the newly exposed flaw, after a report by Bloomberg News said the spy agency decided to keep quiet about the matter and even used it to scoop up more data, including passwords.

"NSA was not aware of the recently identified vulnerability in OpenSSL, the so-called Heartbleed vulnerability, until it was made public in a private-sector cybersecurity report," NSA spokeswoman Vanee Vines said in an email.

"Reports that say otherwise are wrong." OpenSSL is online-data scrambling software commonly used to protect passwords, credit card numbers and other data sent via the Internet.

 
If you are not a subscriber, you can get instant, unlimited access here