CanadaHelps’ Response to CVE-2014-0160 (Heartbleed)



April 14, 2014: This post has been updated to reflect the most up-to-date information available.

The security of our CanadaHelps Donors and Charity partners is of the utmost importance to us.

We wanted to take a moment to address how the team at CanadaHelps rapidly responded in light of the April 7th disclosure of CVE-2014-0160, better known as Heartbleed, a security vulnerability that impacted nearly all service providers on the Internet.

What did CanadaHelps do about it?
CanadaHelps’ Chief Technology Officer and Web Operations Team immediately completed a comprehensive security review as a direct response to the situation. We stopped using the impacted software, and while there was no evidence that our https certificate was compromised, we prudently replaced it anyway.

Am I at risk?
Our internal investigation showed no evidence that any CanadaHelps user or account credentials were compromised.

Many service providers on the internet were affected by this vulnerability; however, the risk this vulnerability posed to CanadaHelps donors is low.

It is good practice to occasionally change your password on all the websites you use on a regular basis. As an extra precaution, we recommend you change your CanadaHelps Account password at this time.

We take your online security seriously. We are confident that we have taken the necessary steps to eliminate this vulnerability and protect your personal information.

If you still have questions, please contact our customer support team at 1-877-755-1595 or email info@canadahelps.org.

Sincerely,

The CanadaHelps Team


Updated on October 31, 2024

Your Help Matters!
Donate Now