The U.S. government warned Friday that hackers are scanning computer networks to see which can be penetrated through a flaw in the widely used encryption program OpenSSL.
The Heartbleed bug, discovered Monday, makes vulnerable not only Web servers but also e-mail systems, security firewalls, private computers and even smartphones.
The government asks organizations to report any attacks to the Department of Homeland Security, which is working with state and local governments on uncovering and blocking all potential threats
Heartbleed is a flaw in the encryption program used by many websites, through which hackers can remotely enter computers and steal data, including passwords. Most vulnerable are the sites of big Internet-based companies, such as Google and Yahoo, or retailers like Amazon.
But experts warn that pieces of OpenSSL code also reside on servers, home computers and smartphones and advise the public to change passwords for all sensitive sites, like bank accounts and personal email. Computer code writers are frantically developing remedies, called "patches" to preempt possible breaches.