Earlier this week, approximately over 70% active sites using OpenSSL including the open source web servers like Apache and nginx were affected by Heartbleed bug, which is a new vulnerability found in OpenSSL version 1.0.1 and 1.0.2-beta.
Heartbleed allows anyone to compromise the secret keys, encrypt the traffic, customer database and business critical docs and communications without leaving any trace behind. It is a serious security threat to be considered.
The fix was quickly released on April 7th with OpenSSL version 1.0.1g and we are also on top of things. Internet Solutions HK is secured against Heartbleed, though we believe none of accounts account was compromised. To ensure the security to our customers, we will request a global password reset.
We are staying alert and keep ourselves ready against Heartbleed at any moment. If you do have any questions regarding to this issue, please do not hesitate to contact us anytime.
Thank you for your support and we are apologize for any inconvenience this may cause.
Internet Solutions HK Team
Friday, April 11, 2014