• The Heartbleed Bug - what does it mean for me?
    Apr 18, 2014

    We've all heard about the Heartbleed SSL bug in the media.

    First I would like to reaffirm that none of our SSL clients are directly effected by this bug. We don't use OpenSSL certs on any of our websites. We mainly use Premium Branded Secure Certs such as Comodo and Verisign.

    However most web users will have potentially some exposure to the vulnerability.

    How am I effected?

    According to 'Mashable' the bug has effected many popular websites and services such as Gmail and Facebook. Its possible that sensitive account information (such as passwords and credit card numbers) was 'quietly exposed' over the past two years.

    There's no indication that hackers knew about the exploit

    Its important to highlight many of the major providers Google and Facebook had already patched their servers prior to media release of the exploit. These providers have noticed no unusual behaviour in their accounts.

    Mashable have put together a list of sites and services affected and what action to take here: http://goo.gl/Puomes

    What should I do?

    While you should regularly change your password anyway, we would strongly recommend changing your password for the sites mentioned by Mashable and any you think may be effected. This is especially important if you use the same password across multiple websites.

    For any providers such as Google who offer two factor authentication, an extra layer of security, you should set this up at the same time.

    Read more in our article about passwords, and two factor authentication for Gmail and Google Apps here.

    Where can I find out more about the Heartbleed bug?

    There's a website for that! http://heartbleed.com/