Security Update: Heart Bleed

10 Apr 2014 By Roger Devine

The widely-publicized vulnerability in Open SSL has affected most e-commerce web applications on the Internet, and our software is no exception. We have been working on fixing this, and wanted to give you an update.

The process of updating all necessary servers and services is almost complete. The last step will involve re-routing traffic from our main servers to our backups for a short time, and then back again a few minutes later. In doing so, there should be no downtime but those of you who are logged in when the changeover happens may need to log in again. This will happen in the next few hours.

Although we have no specific information about any loss of data, we are advising people to change their passwords the next time they log in as a precautionary measure. The wide publicity may cause concern by your guests. One thing to reassure them is that no credit card information is stored on our servers. Password changes made anytime from Friday April 11 on will be done after all the changes are in place.

Thank you for your patience.