The Heartbleed Bug - Change Your Passwords
CVE-2014-0160, also known as the “Heartbleed Bug” was reported by researchers on Monday this week to the OpenSSL team. This bug exposes a weakness in the encryption implementation used by a significant portion of internet services which secures the communications you make between your personal browser and our servers. Your passwords and other sensitive information may be at risk. Yahoo, Amazon, ourselves, and many others have been affected by this issue.
One of the unfortunate side-effects of this means of attack is that it leaves no signs of exposure. The bottom line is that we aren’t fully sure if any of our users have been affected. What we have done is to closely monitor unusual access to your accounts from unexpected IP addresses (locations in the world) as well as any improbable usages of our payments system. To this end, we have not detected any breaches of security. Regardless, we have copied our production data backups to a secure location in the event that any of our users experience such an attack.
Last night, we brought down our SSL endpoint, the security relay through which our encryption services are executed, for an update to resolve this issue. For our part, the Heartbleed Bug will no longer pose a threat to Homeschool Minder users. But just as a precaution, we recommend that all users immediately change their passwords. We also highly recommend that you visit any services you frequently use, especially those that may secure highly personal or financially sensitive information, to find out if they have addressed this issue yet.