The Heartbleed Bug

As I’m sure most have heard by now, a critical vulnerability in the popular OpenSSL cryptography software was announced this week. Nicknamed the Heartbleed Bug, it affects most versions of OpenSSL and the widely used open source web servers Apache and nginx. An estimated 66% of all websites were vulnerable to the bug. If you want to find out everything there is to know about Heartbleed, I encourage you to visit If you’re looking for the short version, I found this CommitStrip comic helpful:

Heartbleed Comic

FreshAddress’s Response:

Luckily, FreshAddress only had one system affected by Heartbleed  and it was one that didn’t contain sensitive information like usernames and passwords. This system has been patched and we have reissued SSL certificates to the affected service.

General Advice:

For all sites where you use login credentials, be sure to check with that site to see if they were vulnerable to Heartbleed. If they were, you should update your credentials (ONLY after the site has confirmed they have patched the bug) with a strong password – choose something at least 8 characters long using a mix of upper and lowercase letters, as well as numbers and symbols. Also, if you use the same username and password for all of your sites holding valuable information, now is the perfect time to remedy that. A service I personally use and recommend to manage passwords is LastPass. LastPass also has a nifty tool to help you determine if sites you use are vulnerable:

Recent Posts

With over 2,000 clients and 12 billion email addresses processed, FreshAddress wanted to make it easier for both our current and prospective clients to understand exactly how seriously we take data security. So, we went ahead and got SOC 2 certified! Just to give a quick overview, Service Organization and Controls (SOC) are assurance reports which […]

We are excited to announce that our free email analytics tool, Free List Check, was upgraded! Free List Check now offers greater insight into your email list by providing the actual counts of the toxic and damaging emails in it. Specifically, this comprehensive report can tell you how many spamtraps, honeypots, and spam complainers comprise […]
Chat with us