Earlier this week, a security vulnerability (CVE-2014-0160) was discovered called “Heartbleed”. This impacted many of the secure websites on the internet. We have received a few questions, so I thought I would take the time to respond publicly.
The vulnerability is in particular versions of OpenSSL used by the majority of web servers in the world. We immediately applied the security recommendations according to CVE-2014-0160 and are not susceptible to this security notice.
However, because of the wide ranging nature of the vulnerability, it is advised that you change passwords or API keys on other services that you may use.
If you use these services, you should change your password immediately on their website.
This list is not exhaustive, so I highly recommend taking the time to update any passwords that you use. I can also highly recommend using a password manager such as 1Password.
We take systems security seriously, and are happy to help with any further questions you might have. Email me directly at firstname.lastname@example.org.
Craig Sullivan Founder, launch.ly