We would like to assure our users that Convene is not affected by Heartbleed, the serious vulnerability found in the open-source OpenSSL cryptography library.
OpenSSL is used by majority of online sites to secure data on the Internet and to protect the privacy of customers, but the Heartbleed bug allowed attackers to access the encryption keys used to safeguard confidential information. Criminals in possession of these keys could decrypt data in traffic between a user and a website’s server. For more than two years, this breach remained undetected until it was discovered in early April this year.
Social media sites, online banking sites, and email clients have been affected and exposed to possible malicious exploitation by remote attackers. Majority of them have already performed the necessary changes to prevent such this from happening in the future.
Around two-thirds of all websites are said to be affected, but the Convene portal is not one of them. We always ensure that our software is secure because our clients’ privacy is one of our top priorities. Still, we advise our users to regularly change their passwords and to keep from using the same password across different websites.