Technology news in recent days has been dominated by the heartbleed bug. This bug was in a piece of software called OpenSSL, which manages secure website connections for many websites, and allowed malicious parties to trick websites into sharing private information.
WhisperGifts was using a version of OpenSSL that contained the bug. It is impossible for us to know if it was exploited to steal any customer details, however we feel it is highly unlikely.
As soon as we heard about the bug, we installed the patched version of OpenSSL to prevent any attacks from occurring. We have also installed updated SSL certificates on both our public webpage and on our administration portal.
We have also reset all browsing sessions on our site; this means that you will be asked to login next time you return to the website. We have also reset the passwords used for our website administration.
Whilst we have no evidence that any customer information was stolen, it is highly recommended that you change your WhisperGifts password. As always, your WhisperGifts password should be different to other passwords you use online to ensure maximum security.
We would also like to take this opportunity to remind our customers that we do not store any credit card information, so it is not possible that any payment details were stolen in the unlikely event of a Heartbleed-related intrusion.