How PipelineDeals Secured Your Data from Heartbleed
On April 7, the OpenSSL project issued a Security Advisory that detailed a serious vulnerability in the encryption software in use by a large percentage of the internet. This vulnerability (nicknamed “Heartbleed”) would potentially allow attackers to retrieve information from encrypted SSL endpoints.
As of Tuesday April 8, we have secured PipelineDeals authentication infrastructure against Heartbleed. As a precautionary measure, we strongly encourage you to change your password. Click here to change your password.
What is OpenSSL & Heartbleed?
Open-SSL is an open source software suite that is widely used to encrypt web communications. Our internet host, Amazon Web Services, uses it to keep your data private and secure when it’s synced to and from your phone, computer or tablet to our servers. Heartbleed is a vulnerability in the software that could potentially allow others to read decrypted data from live sessions from server memory.
What has PipelineDeals done to make sure my data is safe?
As of Tuesday April 8, we have secured PipelineDeals authentication infrastructure against Heartbleed. We worked with our partners at Amazon Web Services to deploy new components using the updated and fixed OpenSSL. Additionally, we replaced our SSL certificates.
Although we have secured PipelineDeals against Heartbleed, we strongly recommend that you change your password. Click here to change your password.
I clicked on the link to update my password, but I’m having problems updating my password. What should I do?
If you are having a hard time updating your password, please click on this link to request a password reset. If you are unable to change your password and do not receive a password reset message, please contact us at firstname.lastname@example.org or call us at 866-702-7303.
What about other services I use?
OpenSSL is widely used by many internet services. We recommend checking if other services you use, including email, banking, shopping, etc. have been affected before logging into them again. Furthermore, as with any security incident involving exposure of user data, we recommend changing all your passwords once these services have updated their OpenSSL as well.