How We Fixed
the Heartbleed bug

April 9, 2014 - Comments

On Tuesday 8th April 2014, we were made aware of an internet-wide security vulnerability called ‘Heartbleed’. Heartbleed affects the OpenSSL framework which is used by many websites to privately send data to and from an internet server.

To protect your data from Heartbleed, we preemptively turned off our Sync Service to eliminate any potential security breaches. We want you to know, that Wunderlist’s Sync Service is completely safe from Heartbleed.

How we’ve kept your data safe and sound

  • We protected your data by preemptively turning off our Sync Service, eliminating any potential security breaches by stopping all communication to our servers.
  • We deployed the updated OpenSSL libraries.
  • We renewed all of our SSL certificates.
  • We logged out all users to ensure that everyone would create new, secure connections.

For you, this now means you’ll have to simply log back into Wunderlist. We also strongly recommend that you reset your password for Wunderlist.

Want to know more?

If you have any questions or want to learn more, please take a read of our in-depth article at the Wunderlist Support Center. Also, one of our engineers, Duncan Davidson, has written a personal account of what happened in more technical detail.

comments powered by Disqus