Heartbleed: Your Data is Safe with Sailthru

heartbleed-copy

At Sailthru, the security and privacy of your data – and that of your customers – is our highest priority. The CVE-2014-0160 (also known as the “Heartbleed” Bug) was disclosed on April 7, 2014. In order to keep you informed, Sailthru Client Services has compiled a brief FAQ list and directions below:

• What is the HeartBleed bug?

The HeartBleed bug is a vulnerability in OpenSSL. It exists because of a flaw in the OpenSSL implementation of the TLS/DTLS.

• Was the my.sailthru platform impacted?

No. My.sailthru does not use the OpenSSL implementation of the TLS/DTLS and was not impacted by the Heartbleed bug. And even though my.sailthru had no exposures, our Engineering and Operations team proactively replaced all SSL certificates across our systems as a best practice to further ensure data security.

• Do I need to take any steps?

Yes. As part of our best practice for data security, Sailthru requires you to update your passwords for Sailthru Advanced Analytics. If you used your Advanced Analytics password for any other Sailthru account, Sailthru also requires that you update those passwords.

As a more broad data security practice, we strongly encourage you to reset all of your passwords for any account on the web, especially if you re-use passwords. For your convenience, here is a list of the many sites known to have been affected by Heartbleed.