• Premium News Login
  • WorkCompResearch Member Login
  • Solutions
    • WorkCompResearch
    • Virtual Claims Kit
    • FlashFormSSL
    • Advertising, Branding and Promotional Services
    • CompEvent Conference Registration
  • News, Blogs & Events
    • News Center Home Page
    • View All Articles
    • Featured News
    • The Experts View
    • Current News
    • From Bob's Cluttered Desk
    • Workers' Comp Blog Wire
    • Workers' Comp Best Blogs
      • 2019 Best Blogs
      • Workers' Comp Best Blogs 2018
      • Workers' Comp Best Blogs 2017
      • Workers' Comp Best Blogs 2016
    • Calendar of Events
  • State Info
  • Forums
  • Kid's Chance

  • WorkCompResearch Login
  • Premium News Login
  • Request a Demo






Simplifying the Work of Workers' Compensation



Corporate News

  • Home
  • News, Blogs & Events
  • Corporate News

WorkersCompensation.com Statement Regarding Heartbleed SSL Security Issue

  • 04/14/14
  • WorkersCompensation.com


It was revealed last week that a flaw was discovered in some versions of security encryption code used by millions of websites around the world. The coding error, now commonly referred to as the "Heartbleed bug", was part of the ubiquitous OpenSSL architecture used by businesses and financial institutions all over the world to encrypt their data and keep it safe. Heartbleed would potentially allow hackers, who were aware of this vulnerability, access to the encryption keys used by an affected website. With that information they could theoretically mimic the site or be able to decrypt sensitive data sent to and from that site. Furthermore, this type of attack is completely undetectable, so companies with affected versions of this system have no way of knowing if their server keys have been compromised.

WorkersCompensation.com has reviewed the OpenSSL versions on all of its servers, and has determined that none of our domain properties carried a version containing the Heartbleed bug. User accounts and data handled by workerscompensation.com, workcompresearch.com, flashformssl.com and compevent.com were not exposed by this coding error. Additionally, the partner website workcompanalysisgroup.com was not affected. However, out of an abundance of caution, the company will be re-keying all of its SSL certificates and continue the review of its security encryption software.

WorkCompResearch subscribers will be advised when this process is complete, and will be able to change their passwords if they so choose. Even though company systems were not compromised in this particular situation, it is recognized that many users employ common passwords across multiple sites. Usernames and passwords compromised elsewhere may still provide a risk to subscribers within WorkersCompensation.com systems.



Comments

Be the first person to comment!


You must Login or Register in order to read and make comments!


Member Login

Don't Have an Account? Click Here to Register.


Click Here If You Forgot Password

Click Here If You Are Having Problems Receiving Verification Email

Email to a Friend

Post Comment or Reply

Search

View By Section

  • View All Articles
  • Featured News
  • The Experts View
  • Current News
  • From Bob's Cluttered Desk
  • Workers' Comp Blog Wire
  • CompBob! Friday Joke

View By Author

  • Liz Carey
  • Frank Ferreri
  • Nancy Grover
  • Judge David Langham
  • Heather Schwartz Sanderson
  • Chriss Swaney
  • F.J. Thomas
  • Bob Wilson
  • Bill Zachry


WorkersCompensation.com, LLC. | All Rights Reserved
About Us | Advertise with Us | Contact Us | WorkCompResearch.com | Privacy Policy | Terms | Advertiser Login