A security loophole called heartbleed that impacted a significant number of services on the internet was recently discovered by security experts. Our servers were impacted as well, but they have since been patched up and are no longer vulnerable. You are requested (strongly recommended) to change your password as a precaution. Read on for more details.
WHAT HAPPENED? A major vulnerability in OpenSSL (an implementation of SSL and TLS security protocol) was found and a security advisory was issued by the OpenSSL project on April 7, 2014.
WHAT’S HEARTBLEED? A weakness which hackers can exploit to eavesdrop on data, which is encrypted for secure transactions. Here is an 8 minute video to understand this bug: http://vimeo.com/91425662
WHO WAS AFFECTED? Everyone on the internet, directly or indirectly. To check if a website that you use is vulnerable, simply enter the URL here: http://filippo.io/Heartbleed/
WHAT DID EZOfficeInventory DO ABOUT IT? We upgraded to OpenSSL 1.0.1g which is not vulnerable, and moved to an entirely new set of servers. We have also put in additional safeguards for enhanced security.
WHAT YOU – AS A USER – SHOULD DO? Change your password now. Same goes for any other websites you log in to including Gmail, Facebook and Amazon.
Learn more about heartbleed at http://heartbleed.com/. It’s probably the first bug in internet history which was this scary and yet had a really cool logo.