Heartbleed Bug

A security vulnerability, named the Heartbleed Bug, was discovered in the OpenSSL library which is commonly used to secure web-based applications and sites. ProAct Online and the NuDatum website are running on a Microsoft IIS server which does not use OpenSSL. Microsoft IIS uses SChannel for managing SSL encryption. The Heartbleed bug affects only OpenSSL and does not affect SChannel or SSL in general. ProAct Online and the NuDatum website ARE NOT directly affected by the Heartbleed bug. Additionally, we performed an audit to determine if any systems that interact with ProAct Online or the website were affected by the Heartbleed bug. We found that none of the systems that interact with our servers use OpenSSL. ProAct Online and the NuDatum website DO NOT directly interact with systems affected by the Heartbleed bug. Because the effects of Heartbleed are so far reaching and the fact that it is impossible to secure a computer network without third party assistance (e.g., we must purchase SSL certificates and use some third party hosting) we have take the precaution of changing all passwords, certificates and keys. This will ensure that even if the systems of a vendor we rely on for security were breached that there is no chance that our systems will be affected. This was strictly a precautionary measure. These security items are retired on a recurring basis but the schedule was accelerated. Please feel free to contact us with any questions or concerns.