The Heartbleed bug affects a widely used encryption protocol known as OpenSSL. In short, the vulnerability tricks servers into spilling (or "bleeding") data from its memory, potentially giving hackers aware of the flaw access to sensitive information such as credit-card numbers and passwords.

Karjalainen — along with Codenomicon colleagues Riku Hietamäki and Matti Kamunen and Google security's Neel Mehta (who worked independently of Codenomicon) — is credited with being the first to discover the flaw. Karajalainen said he was working with Hietamäki on updating new features for Codenomicon's protocol test suite when they discovered the bug.