As many of you are well aware, on Monday April 7th,2014 a serious security vulnerability was announced concerning the OpenSSL project (CVE-2014-016) which concerned a large number of SaaS solutions, and Evercontact as well.
We treat the security and availability of your data with the highest priority, and while we have no reason to believe that the Heart bleed vulnerability was used to exploit any of Evercontact’s users, we have taken immediate actions to eliminate any future risk.
-
We patched all potentially vulnerable servers on Thursday April 10th,2014
-
We also reset all relevant internal credentials
-
And finally re-issued all SSL certificates
As always, feel free to contact us with any questions, concerns and we do encourage you to be cautious by resetting your Facebook, Gmail and Yahoo passwords as soon as possible (a list of further services impact/not impacted here on Mashable).