What is Heartbleed?  It’s a vulnerability in certain versions of the OpenSSL software that is widely used across the internet to secure connections.  This bug was initially disclosed on April 7th, if you’d like to see more details on this bug please visit this site:  heartbleed.com.  After doing an audit of our servers we discovered that many were using one of the affected versions of OpenSSL.  All of our servers were updated with new fixed versions of OpenSSL by noon (EST) on April 8th.  In addition to getting the servers updated we’ve also replaced our SSL certificate with a new one and updated our API keys with the company we use to handle all of our billing.

Due to the nature of this vulnerability it’s extremely difficult to know if any of the affected servers were exploited.  At this time we’ve seen no evidence that any user information or data has been compromised.  As an extra precaution, we are recommending that users go ahead and update their passwords.  If you need help changing your password please see the below guides:

Podcast Hosting Customers:  https://support.libsyn.com/faqs/manage-your-account/

MyLibsyn Premium Subscription Customers:  https://support.libsyn.com/faqs/managing-your-mylibsyn-account/