Sydney, Australia – 10 April 2014
What is Heartbleed?
“A major vulnerability in common encryption software affecting many websites and online services” according to the Australian Government StaySmartOnline site. This bug allows hackers to access information and data communicated or shared via secure sites (sites where you see “HTTPS” or a padlock in the URL). This flaw is based on the implementation of an OpenSSL library, it is not a flaw in SSL protocol specification.
Visit http://heartbleed.com/ for more technical information.
What’s at risk?
Including but not limited to any password protected sites you may access, e.g. bank accounts, email accounts, instant message, virtual private networks (VPNs), online shopping or payment accounts, etc. Not all HTTPS sites have been affected.
ElcomCMS clients – NOT AFFECTED
If you are an Elcom client your site has not been affected. Our servers were not, and are not susceptible to this kind of OpenSSL vulnerability. This is because whether we are hosting, or you are hosting the elcomCMS platform, the webserver required to do so, does not use OpenSSL for its certificate technology.
What do you need to do if there is a chance you or your business is at risk?
We recommend that you consult with your IT department, or make contact with companies where you have online accounts for further information or advice.
Things to consider: Update all your passwords for any secure gateways that you use. As stated before, this includes, but is not limited to, your email accounts, online banking, online shopping accounts, etc.
BEFORE YOU UPDATE PASSWORDS: There is no point in updating passwords on sites that might still be vulnerable, if you would like to check if the sites that you are using are still vulnerable, please use the following site to test:
This site will inform you if the URL in question is vulnerable to the Heartbleed issue. Only after you have confirmed that it is not vulnerable should you change your password.
For more information on Heartbleed
Australian Government announcement