Despite the panic over the Heartbleed bug this spring, over 300,000 servers remain unprotected against the security vulnerability.
According to Robert David Graham, a researcher for Errata Security, 309,197 servers have yet to be patched to protect against the bug, Business Insider reports.
The Heartbleed bug is a flaw in OpenSSL, the software used to secure communication between web browsers and websites. Hackers exploiting the bug can access a wealth of sensitive data, including communications, credit card information, usernames and passwords. (RELATED: Programmer responsible for Heartbleed bug: It was an accident)
Graham, who has been conducting a monthly analysis of servers still exposed, has found that the rate at which servers are being patched has dropped significantly, demonstrating a declining effort to protect against the bug.
“This indicates people have stopped even trying to patch,” Graham said.
Business Insider has provided some tips for protecting data from the Heartbleed bug. Users should make a list of sites with which they have accounts and check the vulnerability of those sites using CNET’s list, Heartbleed checkers are also available from LastPass, Filippo Valsorda, or browser extensions for Chrome and Firefox. If the site is vulnerable, users should avoid using the service as much as possible; and if the site has been patched, any passwords should be changed immediately.