Mark Rockwell writes the General Services Administration has recommended that agencies assess their networksâ implementation of the OpenSSL protocol for potential vulnerability to the Heartbleed flaw.
Codenomicon, which first detected the bug, said attackers are able to penetrate Web servers, obtain sensitive data and steal identities of users and companies through Heartbleed, according to the report.
Federal agencies are confident the flaw did not effect their Web services, the report says.
The Centers for Medicare and Medicaid told FCW that the HealthCare.gov and MyMedicare.gov Web sites are free of the bug.
Rockwell writes the Internal Revenue Service also believes the bug did not hit its network.