Consumers respond to—and try to suture—the Heartbleed bug

29% of U.S. adult Internet users think the software vulnerability put their personal information at risk, and 39% of them have taken measures to protect themselves, a new Pew report says.

Amy Dusto

Three weeks after the public became aware of an Internet-spanning software vulnerability known as the Heartbleed bug, 29% of U.S. online adults say they believe the flaw has put their personal information at risk, with another 6% saying their information was actually stolen, according to a new report from the Pew Research Center.

45% of Internet users who had heard of the bug report feeling vulnerable. And many are acting to protect themselves: 39% say they’ve taken measures to protect their online information, such as by changing passwords or closing web accounts, the report says. That number rises to 61% for the Internet users who had heard of the Heartbleed bug.

Pew surveyed 1,501 U.S. adults, including 1,303 Internet users (87%), by telephone in English and Spanish April 23-27. Follow-up questions regarding the bug’s impact were asked only of those respondents who had heard of the bug.

Although other Pew Research Center results have demonstrated consumers’ increasing concerns about the security of their online information, which could affect their web shopping behaviors, the newest report reveals that Americans seem to have “mixed and middling views about the security of their information online” in general. Among the Internet users in the survey, 46% say their online accounts are “somewhat secure,” 23% say “very secure,” 13% say “not too secure,” 13% say “not at all secure” and 5% don’t know.

In an attempt to quantify how much the Heartbleed bug might be to blame for consumers’ changing attitudes towards online data security, Pew asked how much they’d heard about each of the following: the Heartbleed bug, Edward Snowden’s leaking information about the National Security Agency’s domestic surveillance, and tensions between Russia and the Ukraine.

While 60% of U.S. adults (and 64% of U.S. Internet users) say they’ve heard about the Heartbleed bug, only 19% say they’ve heard “a lot” about it. Regarding Putin’s unmarked army and Snowden’s unstamped passport, however, 46% and 51%, respectively, say they’ve heard a lot. According to Pew, that shows “the Heartbleed story drew much less intensity and scope of attention than other big news stories.”

Based on similar questions from previous surveys, Pew says the public is aware of the Heartbleed bug roughly as much as they were about U.S.-Iran negotiations around Iran’s nuclear program in November and December 2013 and about Catholic bishops protesting Obama Administration policies requiring religious institutions to provide contraceptive services to their employees in July 2012.


Data breach, e-commerce, Heartbleed bug, Pew Research, web security