Heartbleed: No Risk to eCivis Subscribers

Posted by Sami Hoda on Apr 10, 2014 10:00:00 PM

Find me on:

Heartbleed Bug

You've probably read about the security flaw, known as Heartbleed, that has potentially exposed data on Internet servers this week. If you're an eCivis subscriber, rest assured that Grants Network user credentials were NOT at risk of disclosure by Heartbleed.

Earlier this week, a flaw was discovered in recent versions of a security library (OpenSSL) used by the vast majority of web sites offering/requiring secure connections. Vulnerable websites can be coerced to disclose the contents of server memory, which could contain user credentials and security keys.

Grants Network does not use a version of OpenSSL with the bug. Other eCivis servers using vulnerable versions of OpenSSL were patched within hours of the security announcement.

The best source of technical information about Heartbleed is here: http://heartbleed.com/.

There are a few sites that allow you to specify a website for inspection. This one is helpful: http://filippo.io/Heartbleed/.

Feel free to contact us at (877) 232-4847 if you have any questions.

Topics: Grants Management Software, eCivis Resources

Building a Grant Funding Strategy for Cities and Counties


Get Grant Articles

Find Your Topic