Bloomberg claimed that the U.S. National Security Agency (NSA) knew about the most critical Heartbleed flaw and has been using it on a regular basis to gather. critical intelligence” and sensitive information for at least past past two years and decided to keep the bug secret, citing two sources ‘familiar with the matter’ NSA has issued a ’94 character’ statement today denying the claims that it has known about the bug since two years. The bug resides in the “Heartbeat” feature of the most secured open source encryption protocol, OpenSSL, which is used by several social networks, search engines, banks and other websites.
Source: https://thehackernews.com/2014/04/NSA-Heartbleed-Vulnerability-OpenSSL-Robin-Seggelmann.html