The Heartbleed bug is a security vulnerability that was announced April 7 2014. Early estimates indicate approximately 960 million websites world wide could be vulnerable, or 66% of all websites. For more info on the bug itself please visit http://heartbleed.com/

 

The media is now advising the public to be wary of sites that claim they were not affected by this bug, so in true Oshtugon fashion we will be open and honest regarding our experience with the Heartbleed Bug.

 

We got off easy on this one, after an audit of our systems only one of our servers had a compromised version of OpenSSL installed, this server was put into service just a couple weeks before the bug was discovered so chances are very low that anyone had a chance to exploit it. This server is not used to store any sensitive data so there would not be any personal customer data on it to be stolen. The patch was applied shortly after it was made available and other precautionary steps were taken to protect our network in the future.

 

Best wishes and good luck to all the system admins who have yet to deal with their OpenSSL issues