April 14 2014

How we fixed the Heartbleed bug

by Marie Peach-Geraghty, posted in Product Updates on 14 April 2014

We have made Crowdicity completely safe from Heartbleed.

Last week the internet-wide security vulnerability called ‘Heartbleed’ was widely reported by the media. It affects web servers running a package called OpenSSL which is used by many websites. The Heartbleed bug - so called because it exploits a failure in a function called heartbeat - allows attackers to potentially eavesdrop on confidential encrypted data. In addition it then allows them to take the encryption keys used to secure the data. We want you to know that we have made Crowdicity completely safe from Heartbleed. As soon as we heard about the issue we immediately took urgent steps to ensure our system and your data would be secure.

Here’s what we did;

  • As soon as the Heartbleed security advisory warning was released a patch was automatically installed to our servers during routine daily security updates, making Crowdicity servers invulnerable to attack.

  • Next, we revoked all our SSL certificates and immediately replaced them with ones generated from new encryption keys.

There was no downtime during this process and there was no loss of data.

Do I need to do anything?

As precautionary measure, we strongly recommend that you reset your password for Crowdicity. Here are two ways you can do this:

Click ‘Logout’ in the top right of any platform screen.

There will then be an option to click: ‘forgot my password.’

You will be sent an email with a link to a page where you can reset your password.


Go to ‘My profile’.

If you click ‘edit’ you are given an option to change your password.

If you have any questions about this or anything else please contact us on hello@crowdicity.com

Heartbleed image via: http://media3.onsugar.com/files/2014/04/10/801/n/1922507/6643975fa133c86a_heartbleed-bug.xxxlarge.jpg

Written by Marie Peach-Geraghty for Crowdicity

Marie Peach-Geraghty

Marie is an experienced account manager, having previously spent 5 years at Avery Dennison handling a range of high profile clients. As an Acccount Manager at Crowdicity, Marie has been on board with the…

blog comments powered by Disqus