RBCommons and the Heartbleed SSL Vulnerability

On April 7th, the world became aware of a critical vulnerability in the versions of OpenSSL powering much of the Internet. These were very serious problems that could allow attackers to gain access to certain confidential data on the server. This vulnerability is known as Heartbleed.

The vulnerability was, fortunately, found by security researchers, and companies like Red Hat and Amazon were quick to put out patched builds.

We take security very seriously, and rushed to update and replace our SSL certificates, ensuring our users would be safe in the off chance that anybody had decided to target us. We are not aware of any attempts on RBCommons, and want to keep it that way.

Even though we don’t believe anyone has targeted RBCommons, we still have a couple recommendations for you.

  1. Reset your password, just to be safe. It might be a good time to evaluate whether you’re using a strong enough password, as well.
  2. Turn on two-factor authentication. This will help keep your account secure, requiring a token code sent to your mobile phone in order to log in.

If you have any questions or concerns, please contact us.

Christian Hammond

President/CEO of Beanbag. Developer of Review Board and RBCommons. Lover of sushi and bees. Not at the same time.