Earlier this week, a critical security vulnerability was disclosed in OpenSSL, a widely used cryptography software library. A potential hacker exploiting this vulnerability could read confidential data from a server without needing credentials. This vulnerability, called Heartbleed, affected the majority of websites and internet companies, including Amazon, Heroku and more.
As a company you trust with your data and your customer data, we take your information very seriously. Immediately following the disclosure, we realized we were vulnerable and started to work on securing our servers. We first confirmed that Heroku and Amazon Web Services, whom we rely on, had taken the necessary steps, and we were able to finish securing our servers by Tuesday evening.
Over the past few days we’ve taken even more steps to shore up our overall security, and just yesterday finished deploying new SSL certificates, along with new keys.
It’s highly unlikely that our systems were compromised, and we’ve found no evidence of a breach, but out of an abundance of caution, we recommend that you change your Hipmob password.
If you have any more questions or want to know more about the steps we’ve taken, just email firstname.lastname@example.org. Thanks for being an awesome customer.
Femi & Ayo