We would like to assure our customers that the 'Heartbleed Bug' that is gaining notoriety over the internet for leaving many websites vulnerable to hackers, is not affecting Discount Supplements customers.
On Tuesday (8th April) the OpenSSL Project released information of the recently discovered CVE-2014-0160 vulnerability. It is estimated that around 60% of websites use OpenSSL, but not every one of these will be using the vulnerable version, so the total number of sites affected will be much smaller.
In layman's terms there is a software bug in the OpenSSL which is used to encrypt your sensitive data like passwords when you use a website (you will most likely recognise this in the form of a padlock letting you know the site is secure). The vulnerability allows attackers to see this sensitive data and use it to impersonate a user.
What does Heartbleed do?
The bug allows an attacker to capture 64kb chunks from the memory of a server, opening the door to all information considered sensitive including passwords, credit card numbers and addresses.
What steps have Discount Supplements taken to protect me?
As soon as we were made aware of a potential issue our servers were scanned to ensure that we were not affected by this vulnerability. We are pleased to report our servers do not use any of the affected versions of OpenSSL.
Do I need to do anything?
There is no need for you to change your password on the Discount Supplements website at this time.
We hope this goes some 'whey' to putting your minds to rest.
Best and kind regards,