The NSA reportedly knew about the Heartbleed security vulnerability and exploited it for at least two years, according to a Bloomberg report. Two people familiar with the matter, told the news service that it was regularly used to gather critical intelligence.
According to Jason Healey, director of the cyber statecraft initiative at the Atlantic Council and a former Air Force cyber officer. “They are going to be completely shredded by the computer security community for this.”
The NSA's decision to keep the bug a secret left millions of users at risk. “It flies in the face of the agency’s comments that defense comes first,”
Vanee Vines, an NSA spokeswoman, declined to comment on the agency’s knowledge or use of the bug.
