On April 7th, security researchers disclosed a serious vulnerability in the widely-used OpenSSL security library. This security library is utilized by over two-thirds of the Web, fortunately this did not affect ShiftPlanning.
This vulnerability, officially known as CVE-2014-0160 (nicknamed Heartbleed), allows malicious attackers to read private memory (and therefore sensitive data) in servers running vulnerable versions of the OpenSSL security library.
While this vulnerability didn’t directly affect ShiftPlanning we still recommend that our users take a minute to learn about HeartBleed, and update passwords across many common services.
For additional reading please see:
If you have any questions, please feel free to e-mail us at firstname.lastname@example.org