PASS Training & Compliance

View Original

Heartbleed Security Update

Heartbleed BugBy now I'm sure most of you are aware of the Heartbleed bug, and its implications for the internet, but for those who aren't, here's a quick explanation from heartbleed.com:

The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).

Also - for those like myself who prefer pictures, the popular web comic xkcd summed up how the vulnerability worked very nicely.After carefully reviewing our technology infrastructure we've been able to determine that neither PASS Training or PASS Tools were affected by this bug, meaning no customer data was ever exposed or accessed from our systems.Our payment processor, Stripe, also reported that there is no proof that any data was compromised on their system.We take our customers' privacy and security very seriously, so please feel free to reach out to me directly if you have any concerns our questions - kyle@passtesting.com