The Heartbleed Bug is a security risk that made headlines last week. It presents a vulnerability in the OpenSSL cryptographic software library that implicates encryption features. It is the encryption technology behind many websites that collect personal or financial information (typically indicated by a lock icon in the browser to tell the user the site is secure).
The Heartbleed Bug allows anyone on the Internet to see the memory of the systems protected by the vulnerable versions of the OpenSSL software. If infected, the keys used to identify the service providers and encrypt names and passwords could be compromised. A fix has been released.
BAS has thoroughly inspected its web servers, routers, switches and network appliances and has determined that there is no indication that any BAS equipment was implicated. BAS does not use any features of systems that have identified vulnerability issues to the BAS systems.
BAS takes the privacy and security of clients’ information very seriously and stays on top of security news, patches and updates. If you have questions about BAS’ security processes, please contact security@BASusa.com.
