Parenting website Mumsnet, which has more than one million members in the UK, has been hit by hacking bug Heartbleed.
In a statement, founder Justine Roberts said: “Last week we became aware of the Heartbleed bug and immediately applied a fix to close the OpenSSL security hole. However, it became apparent that users’ data submitted via our login page had been accessed prior to our applying this fix.
“As a result, we decided to require all registered Mumsnet users to change their passwords. We have no way of knowing which or how many accounts were affected but have advised users to change passwords on other sites, particularly if they use the same password on Mumsnet as elsewhere.”
The Heartbleed bug is described as a “serious vulnerability” in the popular OpenSSL cryptographic software library which affects the web, email and instant messaging among other applications.
The bug was discovered by security firm Codenomicon and Google researcher Neel Mehta. While CVE-2014-0160 is the official name of the bug, it is known informally as Heartbleed.