On Monday, April 7, security researchers published information about a bug in the OpenSSL cryptographic software library. OpenSSL powers the encryption used to secure the internet—everything from websites to instant messaging to virtual private networks. The bug, called Heartbleed, could affect about 2/3 of encrypted internet traffic.
As of now, all Populi servers have been patched against this vulnerability, and we have no reason to believe that any of our clients' data was compromised. Due to the critical nature of this issue, we performed the patching during business hours today—rather than after hours as we normally do—so our apologies to anyone who was affected! We’ll continue to monitor the situation and post further updates if necessary.
To the best of our knowledge, Populi has been locked-down against this bug and all data is secure.