On Monday a major vulnerability was discovered in OpenSSL. This vulnerability affected a large percentage of services on the internet, including both our digital services and our clients. The infrastructure team responded immediately to the exploit and all digital services were secured within 24hrs. Our clients with support contracts are no longer vulnerable to this exploit.
We do not have any evidence that any passwords or any other private information has been compromised. As a precaution, we recommend that you reset any passwords for your own and services we operate including Basecamp, Zendesk, Pingdom and others.
This incident is not confined to Connected services, an estimated two thirds of all digital services on the web are affected – not all have been fixed yet.
If you have any questions or concerns, please email us directly at [email protected].