How we reacted to the Heartbleed Bug to protect our customers
As widely reported, an exploit known as OpenSSL HeartBleed CVE was discovered on April 7th. An attacker who exploits the heartbleed vulnerability would have access to the contents of server memory, which means private information could be extracted.
Although it was just found, the bug has been around for more than two years, which means a lot of sites that we all use every day may have been affected. About two-thirds of Web servers rely on OpenSSL.
The Fluxiom application servers were not affected by the Internet security threat Heartbleed.
Only our servers responsible for the initial signup were potential targets so we’ve immediately patched the servers and re-keyed and installed new SSL certificates. This closed the vulnerability of the signup servers.
If you have any questions or concerns, please email [email protected]. For more information on the Heartbleed vulnerability please visit: http://heartbleed.com/