As a follow-up of the Heartbleed vulnerability issue, we have reviewed all Koffeeware services for impact for the issue described in CVE-2014-0160.
A short explanation, for over two years, the Internet’s most popular implementation of the Transport Layer Security (TLS) protocol has contained a critical defect that allowed attackers to pluck account passwords, authentication cookies, and other sensitive data out of the private server memory of websites. Koffeeware sites were among the millions of web sites using the OpenSSL library, and thus affected by this vulnerability.
Required security updates have been installed tuesday morning and Koffeeware services are no longer vulnerable. This said, as an added precaution, we recommend to change account passwords. If not already done, it is a good time to switch to more complex passwords. As always, security-conscious users should consider using unique, randomly generated passwords at least nine characters long that contain upper- and lower-case letters, numbers, and symbols.