Some of you may have heard about the Heartbleed Bug recently (while others may not have any clue what it is). No matter which you are, we wanted to help ease your mind in regards to the security of your website if you host with us.
What is the Heartbleed Bug
The Heartbleed Bug is a very serious vulnerability of the OpenSSL library that is commonly installed on servers around the world. It is a common library that is used for servers, so most applications need to be verified to ensure they are not open to a security hole. Under normal instances, if a server has a secure certificate installed (by the SSL/TLS encryption) that means that all of your data is encrypted and secure. However, this bug allowed exploiters to read the memory of the systems that were protected, compromising the secret keys for encrypting the data. With those keys, anyone could steal data being passed between the sites, even though it says the website is secure.
What do you need to do?
You may have received an email notification from some of your favorite websites prompting you to change your password. That is the easiest way to ensure your data is secure in case your login information was possibly compromised during this time. Businesses have checked their servers and fixed the bug before notifying customers, so if you received a notification, after changing your password, you should be ok. This does not mean your information was stolen, but as a precaution, it is best to change your passwords anyway.
Does this affect our websites / servers?
We checked our servers and confirmed that the OpenSSL version that we are running is NOT a version that is affected. Therefore your data is still secure and no further action is needed for our clients.
If you would like to read more about the Heartbleed Bug, you can do so at: http://heartbleed.com.