We have been closely following the news of the Heartbleed vulnerability since it was announced this week. Heartbleed affected the core web encryption software behind approximately two thirds of the web sites on the Internet. Services affected by this vulnerability could expose secure Internet communication to unauthorized eavesdropping. A good writeup on this vulnerability and its effects can be found at http://mashable.com/2014/04/08/major-security-encryption-bug-heartbleed/.
Yesterday, we were able to confirm with our infrastructure provider that some of their services were vulnerable to Heartbleed. As soon as they reported this issue to be resolved, we quickly tested to confirm the fix and then replaced all secure certificates across our platform to ensure this vulnerability can no longer impact our customers' security when using the App Press platform.
There is no indication that any customer communication was exposed as a result of this vulnerability, but out of an abundance of caution we are recommending that all customers change their passwords to ensure account security.
Please reach out to us via the Help menu in the suite with any questions or concerns.
Adam Alexander, CTO