Heartbleed Security Update
SwimTopia would like to provide a Heartbleed security update. Earlier this week security researchers made public their discovery of a serious security vulnerability known as the Heartbleed Bug, which at the time of the announcement affected an estimated two-thirds of all secure internet websites.
The Heartbleed Bug was caused by a flaw in OpenSSL, a popular software library used by thousands of computer programs to secure communications on the internet, including software used to provide our SwimTopia service.
Thanks to the quick action of our platform provider, Heroku, all servers used to run SwimTopia were updated to remove this vulnerability less than 24 hours after the initial public announcement.
While we have no reason to believe SwimTopia was a target of attacks related to the Heartbleed security vulnerability, in an abundance of caution we have taken the additional step of resetting all administrative passwords used to operate our service and integrate with 3rd-party services. We have also updated all private keys and certificates used to secure communications with SwimTopia and have revoked all previously used certificates.
As an extra precaution, we have invalidated all existing user login sessions, forcing users to login again to access their SwimTopia accounts. All SwimTopia users, especially those with administrative access to their team accounts, are encouraged to change their passwords as soon as possible. The “Change Password” link can be found under “My Account” once logged into your team’s website.
For more information about the security precautions SwimTopia takes to protect customer’s data, we invite you to read our Help Center article about Privacy, Performance and Security. If you have any questions or concerns, we’d love to hear from you. Please drop us a line at [email protected]