What You Need To Know About The Heartbleed Bug

By now, you've probably heard about the Heartbleed Bug -- a major vulnerability in the popular OpenSSL software library that is used by two-thirds of all websites on the internet, including GoodData. The bug allows attackers to read the memory of a web server and access sensitive data, compromising the security of the server and its users. Heartbleed has already affected millions of websites, including banks, social media networks, and email services.

At GoodData, we are committed to protecting our customers' data. When the news broke on Monday afternoon, we took immediate action. Within hours, we deployed an updated version of the library to all affected GoodData services, which were also restarted, and invalidated existing authenticated user sessions. We have also urged all GoodData users to change their passwords, especially if they logged in after the bug became public on April 7.

At this time, we are unable to determine if sensitive information including authentic credentials was actually accessed by an attacker, but we are monitoring the issue 24/7. If you are a GoodData user and you believe your information has been compromised, please contact your account manager or email support@gooddata.com.

We want to emphasize that this news does not mean your information has necessarily been stolen. It means that it may have been vulnerable to theft. For GoodData users, we are confident that the right fix has been applied and we will continue to provide the highest level of security possible.

Find out more about how this issue affects you and what GoodData is doing about it by reading our security notice here.