We have made Crowdicity completely safe from Heartbleed.
Last week the internet-wide security vulnerability called ‘Heartbleed’ was widely reported by the media. It affects web servers running a package called OpenSSL which is used by many websites. The Heartbleed bug - so called because it exploits a failure in a function called heartbeat - allows attackers to potentially eavesdrop on confidential encrypted data. In addition it then allows them to take the encryption keys used to secure the data. We want you to know that we have made Crowdicity completely safe from Heartbleed. As soon as we heard about the issue we immediately took urgent steps to ensure our system and your data would be secure.
Here’s what we did;
As soon as the Heartbleed security advisory warning was released a patch was automatically installed to our servers during routine daily security updates, making Crowdicity servers invulnerable to attack.
Next, we revoked all our SSL certificates and immediately replaced them with ones generated from new encryption keys.
There was no downtime during this process and there was no loss of data.
Do I need to do anything?
As precautionary measure, we strongly recommend that you reset your password for Crowdicity. Here are two ways you can do this:
Click ‘Logout’ in the top right of any platform screen.
There will then be an option to click: ‘forgot my password.’
You will be sent an email with a link to a page where you can reset your password.
Go to ‘My profile’.
If you click ‘edit’ you are given an option to change your password.
If you have any questions about this or anything else please contact us on firstname.lastname@example.org
Heartbleed image via: http://media3.onsugar.com/files/2014/04/10/801/n/1922507/6643975fa133c86a_heartbleed-bug.xxxlarge.jpg