NEW YORK – Last April researchers discovered the Heartbleed security bug. Dubbed “the most dangerous security flaw on the web”; it affected over 500,000 websites and dominated national news for weeks.
One year later, a new Dashlane study finds that an alarming 86% of Americans have not heard of Heartbleed.
Concerned by the growing frequency of hacks, breaches and other online security vulnerabilities, Dashlane commissioned the study (conducted on their behalf by Harris Poll in March 2015 among over 2,000 US adults ages 18+) to gauge public awareness and knowledge about online privacy, security and protection. Other notable findings include:
- 65% – Believe the Obama administration has done LESS than corporations to protect them from hackers, breaches, and online security threats in the year following the Heartbleed bug.
- 43% – Would rather have explicit photos/videos of themselves leaked than have hackers steal $1,000 from their bank account.
- 32% – Chose themselves (more than anyone else) when asked which organization or person(s) they expected to do the best job protecting their interests from hackers, breaches and online security threats.
- 1% – Chose their private email as the personal information they are most concerned with online hackers stealing, despite email being an easy front door to valuable and exploitable personal information.
Emmanuel Schalit, Dashlane CEO, states:
That almost 9 out of 10 people have never heard of the most dangerous security flaw of the past year is mind-blowing. Much work remains in educating the public about the dangers that exist online. Attacks such as Heartbleed are becoming more commonplace, and larger in scale, and it’s critical that everyone is aware and educated about the threats as they affect all of us.
Expert Video: http://youtu.be/MEaX2tjUxQE
Full report + methodology and infographic: Dashlane.com/heartbleed
Experts Weigh In
As part of its Heartbleed Study, Dashlane assembled a team of experts from the realms of business, advocacy and academia to provide the public with an assessment of the fallout from Heartbleed, as well as analyze the online security and privacy challenges that lie ahead. Their responses were compiled into a video that can be accessed via the link above. The team included:
- Nuala O’Connor – CEO & President, Center for Democracy & Technology
- Catherine Lotrionte – Director, Georgetown University Cyber Project
- Todd Simpson – CSO, AVG Technologies
- Sunday Yokubaitis – President, Golden Frog
Mr. Simpson explained, ”Very few people registered Heartbleed as affecting their daily Internet lives”, a statement echoed by Professor Lotrionte who said, “The average citizen is not especially worried unless there is a tangible threat they can understand.”
Sunday Yokubaitis compared some Americans to teenagers when it comes to online security and privacy as, “They want to get on the motorcycle, go fast and completely ignore security for the sake of convenience and speed.” Nuala O’Connor, a recent participant in President Obama’s Cybersecurity Summit, stated, ”We’ve just seen the tip of the iceberg in terms of securing our digital lives, reputation and security.”
“Everyone in the digital world needs to know that they are their own first line of defense when it comes to online security”
The experts were in agreement that the biggest online security challenge is public education. All believed that a massive public education program, rivaling or exceeding that of the anti-smoking campaigns, is needed to generate the scale of awareness necessary to change behaviors.
An example of this is the public’s lack of understanding the risks associated with their email. Nearly 3 out 4 (72%) Americans in the Dashlane study said they were more afraid of hackers getting access to their Social Security Number or bank account than private email (1%). This sentiment was reflected in Dashlane’s own internal data as users changed 63 times more passwords on banking and finance websites in the month following Heartbleed than they did for email.
In fact, of the 14 websites that experienced the highest percentage of changed passwords following Heartbleed, 11 were related to banking, finance and payments. Yet, most people fail to realize that email is even more critical as it’s a gateway hackers use to steal exploitable information; a situation that was played out during the Sony hack.
The study also asked consumers who they expect to best protect them from online threats, and nearly 1/3 (32%) of Americans chose themselves. Schalit believes this self-reliance shows that some consumers have the right intuition, but believes this figure should be even higher.
“Everyone in the digital world needs to know that they are their own first line of defense when it comes to online security. There is, without a doubt, a role for governments and technology companies to play in making the online world safer for everyone, but the benefits these organizations can provide are marginal if the average citizen is not educated about the threats that exist and the actions they should take.”
This survey was conducted online within the United States by Harris Poll on behalf of Dashlane from March 10-12, 2015 among 2,014 adults ages 18 and older. This online survey is not based on a probability sample and therefore no estimate of theoretical sampling error can be calculated. For complete survey methodology, including weighting variables, please contact Ryan Merchant (Ryan@Dashlane.com).
Dashlane makes identity and payments simple with its password manager and secure digital wallet app. Dashlane allows its users to securely manage passwords, credit cards, IDs, and other important information via advanced encryption and local storage. Dashlane has helped over 3 million users manage and secure their digital identity, and has enabled over $2.6 billion in e-commerce transactions. The app is available on PC, Mac, Android and iOS, and has won critical acclaim by top publications including The Wall Street Journal, The New York Times, and USA Today. Dashlane is free to use on one device and Dashlane Premium costs $39.99/year to sync between an unlimited number of devices. Dashlane was founded by Bernard Liautaud and co-founders Alexis Fogel, Guillaume Maron and Jean Guillou. The company has offices in New York City and Paris, and has received $30 million in funding from Rho Ventures, FirstMark Capital and Bessemer Venture Partners. Learn more at Dashlane.com.