NSA denies exploiting 'Heartbleed' vulnerability
Published on Apr 12, 2014 6:13 AM
WASHINGTON (AFP) - The US National Security Agency on Friday denied a report claiming it was aware of and even exploited the "Heartbleed" online security flaw to gather critical intelligence.
The stern denial came amid growing panic among Internet users the world over about the newly exposed flaw, after a report by Bloomberg News said the spy agency decided to keep quiet about the matter and even used it to scoop up more data, including passwords.
"NSA was not aware of the recently identified vulnerability in OpenSSL, the so-called Heartbleed vulnerability, until it was made public in a private-sector cybersecurity report," NSA spokeswoman Vanee Vines said in an email.
"Reports that say otherwise are wrong." OpenSSL is online-data scrambling software commonly used to protect passwords, credit card numbers and other data sent via the Internet.
To continue reading, log in if you are a subscriber
Enjoy 2 weeks of unlimited digital access to The Straits Times. Get your free access now!