We’ve received some messages from concerned OCC customers regarding the recent security flaw in OpenSSL that has made the news the past two days.
If you’re not familiar with ‘Heartbleed’ bug (Officially called CVE-2014-0160) you can read more about it here.
We wanted to take the time to let you know that we have not seen any reports of compromised data from our systems. The nature of that exploit makes it impossible for us to know if we were a target; so we can only go off of customer reports of exposure as well as our own access reports. We haven’t had any of this sort. Our systems have already been patched with the latest OpenSSL libraries as of yesterday immediately after they were available.
As an extra precaution, you may choose to change your account and agent passwords for additional self-security.