As you may know, a major vulnerability in the technology that powers encryption across much of the internet was discovered this week. TrackingTime’s service provider, Amazon, was susceptible, but has already resolved all issues with its web services offering. TrackingTime takes the security and privacy of your data very seriously. We’re writing to let you know that our team has already taken steps to keep your data safe and sound across all TrackingTime systems.
- Updating vulnerable services to a non-vulnerable version of OpenSSL
- Rotating all existing SSL certificates and revoking the previous certificates
- Restarting all affected servers
The next time you visit TrackingTime you’ll be asked to re-authenticate with your email and password to ensure a freshly secured login session.
To further protect yourself we also recommend you change your TrackingTime password at https://app.trackingtime.co/profile.jsp
For more information about this vulnerability, also known as Heartbleed, visit http://heartbleed.com/