This week, a critical security vulnerability called ‘Heartbleed’ was made public on the internet, which affected most of the internet’s secure services (any website that has a URL starting with https://).
Whilst YUDU doesn’t deal with banking or financial information, we felt it was important to respond as if we were, and with all urgency we corrected this in our services, completing that as of yesterday, patching the affected software on all services, and renewing the certificates that we use to ensure security for our users.
Heartbleed is such an important issue for two reasons - the first being that most of the internet’s services are running using the software affected, but also, it’s not possible to determine whether a site has been compromised using this method (it leaves no trace). As such, any service who was vulnerable should be replacing their security certificates as standard after patching the security software.
We strongly advise that you change your passwords on all websites running on https://, and check with each service you use, to ensure that they’ve either dealt with Heartbleed, or have confirmed that they were not vulnerable, due to the inability to detect any intrusion.
Many thanks,
The YUDU Team
Comments