As many of you may have already heard, early last week a major web vulnerability nicknamed “Heartbleed” was discovered related OpenSSL, a technology used by many websites to encrypt data between users and a website. We at Pligg.com addressed this issue and applied a fix on our own server shortly after the public announcement of the bug, but there are still security precautions that you may want to take to make sure that your account remains secure.
This vulnerability made it possible, although unlikely, for hackers to obtain secure information transmitted through HTTPS connections to this website. Fortunately for us, all payments for the Downloads section of Pligg.com are routed through our payment processor Paypal. Paypal.com was unaffected by this vulnerability, so you can rest assured that any credit card details provided during checkout were not compromised.
The bad news is that like many other sites effected by Heartbleed, it is possible that your username and password credentials may have been stolen. This is why we suggest that everyone updates their password at this time on Pligg.com. You can easily do this from the Change Password page while logged in to your account. We recommend that you choose a unique and strong password for Pligg.com.
It’s important that you only update your passwords across popular websites that have applied a patch for the Heartbleed bug. Changing your password prematurely may actually make you more susceptible to having your password stolen. This is why you may have already received a number of emails over the past week from sites alerting you to update your password.
If you are a website administrator who makes use of HTTPS connections using OpenSSL, you can learn more about how to patch the Heartbleed bug through this article. The process involves updating your version of OpenSSL and re-issuing SSL certificates.