By Patrick Byrne
As most of you have probably heard by now, a security vulnerability (known as Heartbleed) was made public last week which affected a large number of sites and services. In short, this vulnerability had the potential to allow attackers to see otherwise-secure HTTPS traffic, such as users’ passwords.
Upon learning of the vulnerability, we immediately contacted our hosting provider to assess the situation. The good news is that Dribbble was not impacted by this vulnerability, because we are not using a vulnerable version of OpenSSL on our load balancer which handles HTTPS traffic. This means that your secure traffic with us was not visible to potential attackers.
That said, if you use the same password on Dribbble that you use on another site which was affected, we strongly recommend that you change it. If you’re not sure, it’s probably wise to change your password anyway.
Find more Updates stories on our blog Courtside. Have a suggestion? Contact stories@dribbble.com.
