A major vulnerability in the technology that powers encryption
across much of the internet was discovered this week. Like many
other companies, we took immediate action to ensure our
infrastructure and customers’ websites were safe.
We wanted to let you know that your website is not directly
affected by the “Heartbleed Bug,” because your website does not
use SSL/TLS for communication. As such, no encryption keys and
security certificates have been exposed and member-only content
is unaffected. Internally, we primarily use SSH to access our
servers and that also was unaffected by the vulnerability.
As a best practice, we are working with our vendors to update our
server infrastructure regardless.
We don’t feel any further steps are necessary to inform your
users. We want to remind you that we always strongly recommend
against publishing or collecting any sensitive information (e.g.
social security and credit card numbers) on your website.
Let us know if you have any further questions or concerns at
Dennis Stevense is responsible for managing the development team
and planning ongoing development of the platform. He has a
Bachelor of Science in Computer Science and Engineering from
Delft University of Technology in the Netherlands as well as an
International Baccalaureate English A2 Higher Level Diploma for
near-native proficiency in English.