These legal websites had the Heartbleed security flaw
The Heartbleed security flaw has affected several websites popular with lawyers.
Robert Ambrogi’s LawSites identifies several afflicted websites. They include Box and Dropbox, two document-sharing sites popular with lawyers. The legal websites that were affected include Mootus, Estate Map, MyCase and CLIO, all of which say they have patched the security flaw.
Lawyers who used a website with the bug should change their passwords after the problem is fixed.
The Lawyerist has a post on what lawyers need to know about the Heartbleed bug. The bug was in open-source software called OpenSSL that potentially allowed people to see encrypted data. There is not yet any evidence, however, that any data was stolen.
The Lawyerist says changing passwords is a minimum ethics duty for lawyers. The blog says lawyers should also encrypt their hard drives, back up their hard drives, use password managers and use two-factor authentication when websites offer it.