Regarding the "Heartbleed" Bug
On April 7th, a vulnerability called Heartbleed was discovered in some versions of the popular OpenSSL software, which is used by a majority of the world’s web services to encrypt communication between the user and the service. Heartbleed allows a third party to potentially access private data from the server.
Many websites worldwide – including LightSpeed – have been running vulnerable versions of OpenSSL. As of now, all of our services have been updated and can no longer be affected by this bug.
While there’s no indication that any LightSpeed data was compromised, it is possible that information such as passwords and cardholder data may have been intercepted. You should change your passwords everywhere, including on LightSpeed’s services.
- If you’re using LightSpeed Pro, update to version 3.9.6 [Download Link]
- If your running a LightSpeed Web Store not hosted with us, speak with your hosting provider for more information
If you have questions on what you can do, feel free to contact our support team. Protecting the data of you and your customers’ is our highest priority. For more information about the Heartbleed bug, visit Heartbleed.com.
Director of Cloud Services, LightSpeed