Thursday, 17 April 2014

Market Dojo and the Heartbleed vulnerability

On April 7th 2014, security researchers discovered a serious vulnerability (CVE-2014-0160) in OpenSSL, a very popular cryptographic library used by many websites. This library ensures secure communication between server and client but also confirms the identity of the server.

What is Market Dojo doing about this?
  • We have confirmed that none of core systems were affected as we do not use a version of OpenSSL which was affected.
  • We have checked with our technology partners.  Our CRM, Support and Accounting systems were affected, although all swiftly moved to address the problem and are no longer at risk.  They have also confirmed that they have no indication that the vulnerability has been exploited against these systems.
What should you do?
  • If you use the same password on Market Dojo which you also use for another service, which was compromised, we recommend changing it in Market Dojo too. 


Post a Comment