Blog: Responding to the Heartbleed security issue

WhisperGifts helps you publish your bridal gift registry online with minimal fuss. You aren't locked into a particular department store, and your guests find it easy to use. Find out more at WhisperGifts.com now.

This blog is where we share insights into our product, explain decisions we're making, and occasionally commentate on the wedding industry at large.

Responding to the Heartbleed security issue

Eye-catching logo for the Heartbleed SSL bug

Technology news in recent days has been dominated by the heartbleed bug. This bug was in a piece of software called OpenSSL, which manages secure website connections for many websites, and allowed malicious parties to trick websites into sharing private information.

WhisperGifts was using a version of OpenSSL that contained the bug. It is impossible for us to know if it was exploited to steal any customer details, however we feel it is highly unlikely.

As soon as we heard about the bug, we installed the patched version of OpenSSL to prevent any attacks from occurring. We have also installed updated SSL certificates on both our public webpage and on our administration portal.

We have also reset all browsing sessions on our site; this means that you will be asked to login next time you return to the website. We have also reset the passwords used for our website administration.

Whilst we have no evidence that any customer information was stolen, it is highly recommended that you change your WhisperGifts password. As always, your WhisperGifts password should be different to other passwords you use online to ensure maximum security.

We would also like to take this opportunity to remind our customers that we do not store any credit card information, so it is not possible that any payment details were stolen in the unlikely event of a Heartbleed-related intrusion.

« Blog Index