The Heartbleed bug was disclosed on 1st of April 2014. This massive security vulnerability in OpenSSL protocol has been present since the relase of OpenSSL version 1.0.1 on March 2012. While it left people scrambling to change their passwords left, right and center, we'd like to inform our customers, that our websites and the managed hosting accounts have been save and secure.
Our servers used OpenSSL version 1.0.0 and 0.9.8 which where not affected by the Heartbleed bug . To ensure none of our certificates have been compromised during its issuing process on third party servers and communication channels, we renewed all our SSL certficates.
What should you/your customers do next?
No data on our servers has been breached. The certificates on your managed hosting have been reissued as well. You don’t need to take any action regarding our site or services. However, this bug has been out there for a long time and it's possible that sites you or your customers regularly visit would be susceptible the vulnerability.
You can check whether or not sites are susceptible using this tool: http://filippo.io/Heartbleed/
We recommend you and your customers generate new passwords for any website in which sensitive information is stored, such as email, banking, etc. However, you should wait until these sites have updated their OpenSSL version and replaced their certificates with new certificates being issued on 8th of April 2014 or later.