Widely used cryptographic software library OpenSSL, has been rocked by a serious vulnerability known as the Heartbleed Bug. MailGuard advises that at no time have any of their systems been exploitable as a result of this vulnerability and that customer data therefore is, and always has been, secure.
Simon Cocking, Co-founder and Technical Director of MailGuard, says the Heartbleed Bug can have a catastrophic affect on those who remained vulnerable during the time this weakness was being exploited.
“Essentially the bug has left many organisations exposed to having their private keys stolen, but more worryingly for them, they won’t have any idea that this has occurred.” said Cocking. “The vulnerability has left it wide open for hackers to steal information completely unnoticed.”
OpenSSL software is used to protect email servers, websites, chat programs, networks and associated communications. Vulnerable versions of the software have been widely deployed for more than two years. Even in cases where organisations have been exposed for a far shorter duration, the security of private keys cannot be assured and these keys now must be revoked and reissued.
Development Operations Director, Peter Fuggle, advises everyone speak to their hosting and network providers to determine their level of vulnerability.
“MailGuard customers can remain assured that we have not left them open to this security breach and therefore their information was, is, and will remain secure. Unfortunately that may not be the case for customers of other providers.”
