On Monday, April 7, a new vulnerability in OpenSSL version 1.0.1 called “Heartbleed” was announced. A security advisory was issued that detailed this serious vulnerability in the encryption software in use by a large percentage of the internet. Nicknamed “Heartbleed”, it potentially allows attackers to retrieve information from encrypted SSL endpoints. Learn More.
We have secured Gremln’s authentication infrastructure against the Heartbleed Bug. Gremln uses a different form of the SSL security software than is at the root of the Heartbleed bug and was not affected. Though we do not believe any Gremln accounts were compromised, we are suggesting our customers be proactive by changing their passwords. This is especially the case if your password and username you use on Gremln is the same as any other site that may have been compromised. This can be accomplished in the Account Settings section of your Gremln account.
The Gremln Team