[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

FW: Update: Sonic.net MOTD: The Heartbleed Bug and You: Change Your Passwords!

To: noelle
Subject: FW: Update: Sonic.net MOTD: The Heartbleed Bug and You: Change Your Passwords!
From: http://dummy.us.eu.org/robert (Robert)
Date: Wed, 09 Apr 2014 17:53:03 -0700
Keywords: fusion

I can help you change your sonic.net password if you want.

 > From: Support Group <http://www.sonic.net/~support>
 > Date: Wed, 9 Apr 2014 17:33:55 -0700
 >
 > _[ http://corp.sonic.net/status ]_( Sonic.net System Status)_
 > 
 > https://corp.sonic.net/status/2014/04/09/the-heartleed-bug/
 > 
 > We always keep your privacy and security in mind.
 > 
 > By now you'd be hard pressed to have missed coverage of The Heartbleed bug
 > in OpenSSL.  At this point, Sonic.net is joining many other providers and
 > recommending that you change your passwords for your online services.
 >  This is important for high value accounts like banking and finance or
 > other accounts that protect your personal information and data.  Do not
 > forget to change your ISP and email account passwords!  These are
 > especially important since access to your email account can be used to gain
 > access into most of your online services.
 > 
 > We do not have any reason to believe that we, or any of our users, were
 > targeted.  However, this attack was undetectable and the cautious response
 > is to assume that sensitive information has been leaked.  In the interest
 > of full disclosure we are providing a complete list of affected services
 > and systems.  It should be noted that all of the vulnerable services
 > support PFS wherever possible and should our private keys have been leaked,
 > they cannot be used to decrypt any past traffic in most cases.
 > 
 > Customers may change their passwords in the membertools using the password
 > tool.
 > 
 > If you have any questions, please post them in our forums.
 > 
 > As of 21:45 on April 7th, all vulnerable systems had received an
 > update to fix this bug.
 > 
 > The following sites and services were vulnerable:
 > 
 > 	imap.sonic.net (login credentials were not vulnerable, only keys)
 > 	pop.sonic.net (login credentials were not vulnerable, only keys)
 > 	mail.sonic.net (login credentials and mailflow in/out)
 > 	legacy-webmail.sonic.net
 > 	webmail.sonic.net
 > 	forums.sonic.net
 > 	wiki.sonic.net
 > 	corp.sonic.net
 > 	newsignup.sonic.net
 > 	public-api.sonic.net (used by mobile apps)
 > 	fusionbroadband.com (used by our wholesale partners and customers)
 > 	srapi.sonic.net (used by our wholesale partners)
 > 
 > All of these systems have had their certificates replaced except for the
 > following which are still pending reissue by our CAs:
 > 
 > 	legacy-webmail.sonic.net
 > 	wiki.sonic.net
 > 	forums.sonic.net
 > 
 > The following sites and services were not vulnerable due to running an
 > early version of OpenSSL:
 > 
 > 	mx.sonic.net (inbound mail)
 > 	members.sonic.net
 > 	signup.sonic.net
 > 	listman.sonic.net

Prev by Date: Re: today
Next by Date: Your Sonic.net account password has been changed
Previous by thread: Re: heartbleed openssl problem
Next by thread: Your Sonic.net account password has been changed
Index(es):
- Date
- Thread