'Heartbleed' Update

10th April, 2013 8:12AM

This bulletin details a Historical Event, and is kept for archival purposes only

Earlier this week, a dangerous software fault was uncovered which has been codenamed 'Heartbleed'

This software fault can expose information on servers using OpenSSL as part of a SSL Request or more simply put a large number of sites that use Secure HTTP (Think Padlock in the Address Bar of your Internet Browser)

While this doesn't sound all too bad on face value, what can be exposed in this flaw is any data within a web server's memory at the time, these could be random numbers however these could also just as easily be usernames, passwords, or credit card details. The scarier part of this flaw is that there would be no way of discovering if information had in fact been leaked out.

Understandably, these sites (fd Network included sadly) have been working to protect themselves and their customers. However, because there is no way to tell what if anything has been leaked it is recommended that all users should change their passwords immediately on services that have updated their systems. You can Test your favourite sites for the Heartbleed Vulnerability which will let you know if the site is still currently affected

In the meantime, we would recommend that you stay vigilant (check your email and bank statements for any anomalous behaviour), try to stick with your trusted sites and change your passwords.

If you have any concerns, please don't hesitate to contact the fd Network on 1300 884 386 or reception@fdnetwork.com.au