What is it?
On 7 April 2014 a major security vulnerability, known as “Heartbleed”, was publicly disclosed. It affects the technology that powers encryption for a majority of internet services (about two-thirds).
Although Nimbox employs this technology, the newer versions we use are unaffected. We have no evidence of any breach and, like most service providers, took immediate action to mitigate any future breach, including re-issuing the encryption keys across our network.
What does this mean for you?
The little padlock icon (HTTPS) you trust to keep passwords, emails, bank details and internet browsing safe from interception, could actually be making some of that private information accessible to those who know about, and can exploit the vulnerability.
What should you do?
First of all, your Nimbox files are safe.
We do recommend, however, that you take the time to change your passwords, everywhere, including Nimbox if you use the same password elsewhere — starting with your high-security services such as online banking and email.
You’ll be hearing more about this vulnerability in the news over the next few days but, as always, it’s better to take action now.
Again, your Nimbox files have always been secure, and we’ll continue to work hard to protect your data.