Most of the internet was reacting this week to an exploit called Heartbleed.
On Tuesday, we had closed the primary vector of attack and tweeted about it.
We’ve upgraded OpenSSL to address the Heartbleed bug. http://t.co/gOdC9RkUTn . One exception is Amazon’s ELB which they are working on.
— Customer IO (@CustomerIO) April 8, 2014
We received a few questions since then and wanted to more broadly talk about how we’ve addressed the Heartbleed bug.
The next thing you do should be to log out and log back in. We wanted to expire cookies, but learned that could have unintended consequences.
Thanks so much & best of luck patching all of your services too.