LINKOPING, SWEDEN – April 14, 2014 - There has recently been a widely publicized bug regarding OpenSSL known as "Heartbleed". Since we have gotten some questions regarding this, we at Configura wanted to inform you that we have not been affected, since we are not using any of the vulnerable versions of OpenSSL.
"We’re happy that we never were affected by this bug. We’re always working to ensure security, and the integrity of our users is most important to us,” Chief Information Officer Tobias Wester said.
What is Heartbleed?
In short, Heartbleed is a bug that enables anyone on the internet to extract a random chunk of memory - up to 64k - from a server, and without the server operator being able to detect it. This means that with enough time and effort, a hacker might extract passwords, private keys and pretty much anything else located in the memory of a server.
More information about the Heartbleed bug can be found here http://heartbleed.com/