Get Our Free Newsletter

Join 10,000+ of your peers! Get our latest WorkersCompensation.com articles delivered to your email inbox for free

Full name:
Email:
Home | Corporate News | WorkersCompensation.com Statement Regarding Heartbleed SSL Security Issue

WorkersCompensation.com Statement Regarding Heartbleed SSL Security Issue

By
Font size: Decrease font Enlarge font

It was revealed last week that a flaw was discovered in some versions of security encryption code used by millions of websites around the world. The coding error, now commonly referred to as the "Heartbleed bug", was part of the ubiquitous OpenSSL architecture used by businesses and financial institutions all over the world to encrypt their data and keep it safe. Heartbleed would potentially allow hackers, who were aware of this vulnerability, access to the encryption keys used by an affected website. With that information they could theoretically mimic the site or be able to decrypt sensitive data sent to and from that site. Furthermore, this type of attack is completely undetectable, so companies with affected versions of this system have no way of knowing if their server keys have been compromised.

WorkersCompensation.com has reviewed the OpenSSL versions on all of its servers, and has determined that none of our domain properties carried a version containing the Heartbleed bug. User accounts and data handled by workerscompensation.com, workcompresearch.com, flashformssl.com and compevent.com were not exposed by this coding error. Additionally, the partner website workcompanalysisgroup.com was not affected. However, out of an abundance of caution, the company will be re-keying all of its SSL certificates and continue the review of its security encryption software.

WorkCompResearch subscribers will be advised when this process is complete, and will be able to change their passwords if they so choose. Even though company systems were not compromised in this particular situation, it is recognized that many users employ common passwords across multiple sites. Usernames and passwords compromised elsewhere may still provide a risk to subscribers within WorkersCompensation.com systems.

Rate this article

0

Subscribe to comments feed Comments (0 posted)

total: | displaying:

Post your comment

  • Bold
  • Italic
  • Underline
  • Quote

Please enter the code you see in the image:

Captcha
  • Email to a friend Email to a friend
  • Print version Print version
  • Plain text Plain text
The CompNewsNetwork is brought to you free of charge courtesy of these fine sponsors:

Powered by Vivvo CMS v4.7