Blog | News

Security update: the Heartbleed bug

by Scott Ryburn, CTO, Sharesight | Apr 10th 2014

As has been widely reported, a serious security vulnerability known as the Heartbleed bug was discovered this week. This vulnerability affects OpenSSL, the technology that powers encryption across a large portion of the internet.

heartbleed bug - featured

At Sharesight we closely monitor all aspects of our security and as such we took immediate action to ensure that Sharesight was protected against this bug. The appropriate security updates were applied within hours of this issue being disclosed by the OpenSSL team.

Sharesight is now fully protected against this vulnerability. We have seen no evidence of any malicious behaviour and have no reason to believe that the security of Sharesight was breached in any way.

Keeping your data secure

We’d like to take this opportunity to remind you that good password security is essential to keeping your data secure.

We recommend that you take a moment to update your Sharesight password now, especially if you have not updated your password recently or have used the same password on other websites. (To update your password, login to Sharesight, and visit the "My Details" page under "Account Settings".)

Here are our tips for password security

  1. Complex passwords are more secure. Try to use a mix of upper and lower case characters, numbers, and symbols. We recommend using a password that's at least 8 characters long. Our password strength indicator will give you an idea about how secure your password is.
  2. Don't use the same password for multiple websites.
  3. Make sure you only enter your password on our secure website. The first part of the website address should read Sharesight will never ask you for your password via email or over the phone.
  4. Only use the 'Keep me logged in’ option on your own password protected computer, never on a public computer.