A dangerous flaw in a security technique that ironically was used to keep information safe has and will affect a lot of Internet users.
Fear not. Clients, loved ones and healthcare professionals that use our technology can have peace of mind that their information on our systems is safe.
You may have heard that there is a major flaw in the security of the World Wide Web — one that has even Internet security firms feeling a little panicked, according to a recent article “Heart Bleed Bug Could Compromise Large Part of the Internet”.
We want you to know that CreateAbility’s systems and the data in them are safe. Since our technology babysits your loved ones, we take this very seriously.
Fatefully, the most popular open source cryptographic library and data transport layer implementation that is used specifically to encrypt traffic on the Internet has a bug in it. This bug enables hackers to steal password information by causing systems to spew the “secure” information held in RAM – allowing attackers to steal the information.
CreateAbility’s systems keep all of the user account and password information is an encrypted database, and not in RAM.
You can read more about this in the link below, but essentially a massive vulnerability has been found in OpenSSL by a team of security engineers at Codenomicon and Neel Mehta of Google Security (he’s essentially a super Ninja warrior when it comes to protecting data).
In geek speak – OpenSSL is the open-source software package broadly used to encrypt Web communications. The flaw allows attackers to steal the information that is normally protected by SSL/TLS encryption, which is used to protect Web applications, e-mail communications, instant messaging (IM) and some virtual private networks (VPNs).
Essentially, that means a lot of Internet users are affected. And potentially, passwords, private communications and even credit card information could be available to hackers courtesy of this newly-discovered bug.
For more nformation about Heart Bleed, See: