We acted as soon as we heard about the problem to ensure our servers and your data are protected from anyone trying to use this vulnerability.
However we recommend all users update their passwords to ensure they have not been compromised.
Many users use the same password and email combination across multiple services - making your account vulnerable to intrusion if you use the same details on another service which is not protected.
You can check if the services you use are affected by this vulnerability here:
If any of the services you use are still vulnerable, then you should not change your password on those services, as they could still be stolen. Contact the service provider and request that the issue will be resolved immediately.
This vulnerability was widely spread on the Internet, and affects a huge number of service providers.
The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library, which is used on around 66% of all servers on the Internet. It encrypts online traffic so it cannot be monitored – you may have heard about SSL before – and is responsible for the lock showing up in your browser on some websites to indicate they are secure.
This program in a number of versions had a bug which allowed reading the data which was supposed to be encrypted – thereby potentially allowing the theft of usernames and passwords. Some very big companies where effected, including Facebook, Google, Yahoo, Twitter, GitHub, Tumblr, Steam, DropBox, HypoVereinsbank, PostFinance, Regents Bank, Commonwealth Bank of Australia.
GlobeCharge, Santu and ShopFactory servers where updated as soon as the bug was made public, to prevent any intrusion.
We take data security very seriously. And we don’t just rely on SSL to encrypt your data on our servers. Based on our research we do not believe that our services were breached, but the nature of the attack is such, that it is impossible to detect – which is why changing passwords is being highly recommended by most service providers online.