A significant flaw named the “Heartbleed Bug” (http://en.wikipedia.org/wiki/Heartbleed_bug) has been discovered and poses a large security threat to the internet as a whole. The Heartbleed bug is present in the software library OpenSSL which is used by many websites to privately send data to and from an internet server.

Fortunately, our servers were not affected by the Heartbleed bug when it was publicly disclosed. 

The Heartbleed bug has had a profound impact on the transmission of secure data throughout the Internet. It is for that reason that we are encouraging you, our customer, to reset your member area password at your earliest convenience as a matter of common password maintenance. Please remember to always make your passwords unique, random, and periodically rotate them. 

We encourage you to change your password, both on our website as well as any others that you use, as many services have been affected.

CNet compiled a list of popular websites as to whether they are vulnerable to the bug or not, and whether they have been patched or not.  They have also indicated whether a password change was recommended on those sites.  That good information is here:  http://www.cnet.com/news/which-sites-have-patched-the-heartbleed-bug/

You can also check websites you may visit regularly to see if they are vulnerable or patched by entering their domain name at the following site:  http://filippo.io/Heartbleed/

Friday, April 11, 2014

« Back