GJSentinel.com & the Heartbleed OpenSSL Vulnerability
On Wednesday, April 9th we were made aware of an internet-wide security vulnerability called ‘Heartbleed’ that affects the OpenSSL framework. OpenSSL is used by many sites on the internet, including GJSentinel.com. To protect our users sensitive data we immediately turned off vulnerable services to eliminate any potential security breaches. In addition to turning off vulnerable services, we deployed the fixed OpenSSL libraries before reenabling services utilizing OpenSSL.
Open-SSL is an open source software suite that is widely used to encrypt web communications. Heartbleed is a vulnerability in the software that could potentially allow others to read decrypted data from live sessions in server memory.
Since OpenSSL is widely used by many internet services, we recommend checking if other services you use (email, banking, shopping etc.) have been affected before logging into them again. Furthermore, as with any security incident involving exposure of user data, we recommend changing all your passwords once these services have updated their OpenSSL as well.