HeartBleed Bug and netAdventist
netAdventist customers may wonder whether our services were affected by the Heartbleed OpenSSL bug. Here is a summary for your information:
1.) netAdventist uses OpenSSL to secure the management areas of web sites by encrypting traffic between the customer's web browser and the netAdventist server.
2.) A bug was recently discovered in OpenSSL that could have made this otherwise encrypted traffic readable by someone who intercepted it. This bug was not in the netAdventist software itself, but rather in the supporting infrastructure software (OpenSSL).
3.) Many of our servers use versions of OpenSSL not affected by the Heartbleed bug.
4.) When the bug was announced, we patched our servers with fixed versions of OpenSSL.
5.) We have re-issued the secure certificates for affected servers.
What you should do:
Periodically changing your password is a good practice in any case, so we recommend netAdventist customers change their password at this time, regardless of which server your site is hosted on.
You can learn more about the Heartbleed vulnerability at heartbleed.com.