A screenshot from a Tumblr dashboard of an alert on heartbleed sent from the Tumblr staff.
Heartbleed continues to dominate the news and scare the daylights out of all of us. The massive data flaw has thrown a huge curveball to millions of companies and the collective fix is a big, expensive deal.
"When you add up all these IT hours as well as physical costs, you know, buying additional software for security reasons for these companies. I have to believe that the cost will probably be in the billions," says tech consultant Tim Bajarin.
Another blow that's a bit harder to calculate: the PR cost
"You first need to fix the issue. Plug the hole and then secondly, you need to re-instill confidence in your user base so that Heartbleed doesn’t continue to drain you, even after the fact," says data consultant Will Riegel. He says many consumers have scaled back online shopping and other transactions and coaxing them back will require outreach.
Riegel says it will take months before we can start to assess the full economic impact of Heartbleed.
Neel Mehta, Bug Bounty Hunter
Heartbleed is going to cost a lot of people a lot of money. But even before IT departments everywhere kicked into overdrive to install patches, there were already big bucks at play courtesy of a bug bounty paid to the man who discovered Heartbleed, Google security researcher Neel Mehta. For his discovery, he received $15,000, which he charitably donated to the Freedom of the Press Foundation, a group that was in the midst of crowd-funding for new encryption tools designed specifically for journalists. Though, some estimate that with the scope of security flaws like Heartbleed, future bounties could yield prizes closer to $100,000 - $500,000.
In the meantime, if you know an IT guy/gal burning the midnight oil, go ahead and buy them this shirt.