We have received several queries by concerned customers regarding the Heartbleed vulnerability that has recently been announced in the press.
The vulnerability affects sites that are not patched, who make use of a piece of software called OpenSSL.
We can assure you we are not affected by this vulnerability because:
- We do not use OpenSSL
- We have already scanned ourselves for the vulnerability and we have been found not to have it.
- We are regularly scanned for such vulnerabilities by Trustwave to ensure we conform to industry standards for handling credit cards on line.
We would also like to point out that some of the sites that try to detect these vulnerabilities have become overloaded because so many people are checking them. A few are giving time-out messages which people are mistaking for a vulnerability.