On April 7, 2014, a team of security researchers announced the discovery of a critical vulnerability dubbed “The Heartbleed Bug”, found in OpenSSL, a widely-used open source cryptographic software library which allows attackers to read the memory of the systems using vulnerable versions of OpenSSL software.
This may disclose the secret keys, which allows attackers to decrypt and eavesdrop on SSL encrypted communications and impersonate service providers. In addition, other data in memory may be disclosed including names and passwords of the users or other data stored in memory by the service
We have run a number of checks on all of our servers and can confirm none of them are vulnerable to “The Heartbleed Bug” Our tests included using various security systems like SSLabs which gave all our servers a good secure ratings.
