April 14, 2014
Answers to Your Questions about Heartbleed
We know many of our clients are concerned about internet security after learning about the Heartbleed bug last week. Our engineering team provided the following statement outlining Interfolio’s response to the bug:
Interfolio is secured against the internet security vulnerability known as “Heartbleed.” The Heartbleed bug affects the OpenSSL framework used by many websites to encrypt and secure data being transmitted across the internet. There is no evidence that Interfolio was compromised by Heartbleed, however, it is a good idea to update your passwords when a widespread security vulnerability like this one is discovered. We recommend that you reset your Interfolio password at this time.
As soon as we were made aware of Heartbleed, our team of engineers acted to ensure that your personal and account information are kept safe. Here are the actions we’ve taken to safeguard your data:
- Worked with Amazon Web Services to patch all servers against the vulnerability
- Updated and patched our network servers
- Deployed updated OpenSSL libraries
- Renewed all of our SSL certificates
- Verified that Interfolio’s Single-Sign-On was not affected by Heartbleed
- Validated all changes through several CVE Vulnerability Assessment tools
What you need to do: Follow these directions to change your password.
If you want to know more about Heartbleed, you can read a full explanation here and see the FAQ at the Heartbleed website maintained by one of the teams who discovered the vulnerability.
Our clients are our number one priority. If you have any comments or concerns please contact us at firstname.lastname@example.org or (877) 997-8807.