How We Fixed
the Heartbleed bug
On Tuesday 8th April 2014, we were made aware of an internet-wide security vulnerability called ‘Heartbleed’. Heartbleed affects the OpenSSL framework which is used by many websites to privately send data to and from an internet server.
To protect your data from Heartbleed, we preemptively turned off our Sync Service to eliminate any potential security breaches. We want you to know, that Wunderlist’s Sync Service is completely safe from Heartbleed.
How we’ve kept your data safe and sound
- We protected your data by preemptively turning off our Sync Service, eliminating any potential security breaches by stopping all communication to our servers.
- We deployed the updated OpenSSL libraries.
- We renewed all of our SSL certificates.
- We logged out all users to ensure that everyone would create new, secure connections.
Want to know more?
If you have any questions or want to learn more, please take a read of our in-depth article at the Wunderlist Support Center. Also, one of our engineers, Duncan Davidson, has written a personal account of what happened in more technical detail.