The Heartbleed bug that affected more than half a million widely trusted websites and web-applications including major banks also initially affected ASIMUT servers. We decided not to suspend services and instead deploy the official patch as soon as it was available for the infrastructure we use. All ASIMUT servers were patched within 24 hours after the first public announcement of the bug.

The heartbleed bug is a flaw in the commonly used OpenSSL server software that allows a hacker to disclose small random fragments of the servers memory, potentially revealing user’s passwords.

The timespan between the publication of the bug and the patching of our servers was relatively short and we have no indications of unauthorized or unusual access to any ASIMUT servers. However we cannot guarantee that passwords of ASIMUT users were not compromised. We therefore recommend that all ASIMUT users change their passwords to be on the safe side.

More information here: