I’m sure most of you are well aware of a critical vulnerability in OpenSSL named Heartbleed. This vulnerability has rocked the world of secure communications. Over 66% of all sites could be affected! Not something to sneeze at. Everyone has been scrambling to patch this vulnerability.
Camcloud’s response to Heartbleed
Camcloud was using a version of OpenSSL that was vulnerable to Heartbleed like many others at the time of the announcement. We took immediate action to assess our infrastructure and patch any affected systems.
At Camcloud, we take security very seriously. Certain organizations can tell you that there is no evidence data was compromised but that is a tough claim to make. In my opinion one the worst possible things about Heartbleed is that it is not detectable. Knowing that we have to proceed with an abundance of caution. Because the vulnerability may have exposed private SSL keys, we have rotated all payment processing keys and we have reissued all SSL certificates.
What should you do as a user
Simple. Change your password. I know this is a pain, everyone hates this but it must be done. Changing your password for Camcloud is great but don’t stop there. Make sure you check every service you use. Remember this vulnerability affects two thirds of all active sites out there. If there was anytime to roll over your passwords, now is it.