If you have not already heard about the recent discovery of what’s being called the “Heartbleed” bug in OpenSSL. Basically, this is a vulnerability that existed in OpenSSL for around 2+ years. The vulnerability was basically a gap where encrypted information could potentially be leaked out to hackers. It is important to note that this is NOT due to a flaw in SSL, but rather the platform and implementation of the latest batch of OpenSSL updates.
I am wanting to let all of our clients know that Swefty's website and clients are not affected by this vulnerability directly from our website. However, any of our clients who decided to purchase an SSL not directly from us (Even though we give away free Positive SSL's) are reminded to go ahead and check their version and make sure they are not one of the unlucky people who may have the vulnerability. If so, it is highly recommended that you go ahead and update your SSL immediately!
Even though Swefty's main server and website are not effected, does not mean users don't have to change their password. It is always good to keep up with security and change your password once in a while even if it is not necessary.
There is no way to know if any information was compromised or not if you had one. It’s possible that this vulnerability went undetected by hackers as well, but there is really no way to know. These steps are just to be extra cautious and to ensure the continued security of your information.
Best of wishes to everyone,
Jordan Howard
