IFTTT Says It Is ‘No Longer Vulnerable’ To Heartbleed

If This Then That (IFTTT, one of our favourite automation services) has just emailed customers to say that it has updated its SSL service so that it is no longer vulnerable to the Heartbleed security bug. I suspect we’re going to be seeing a lot of emails like this over the coming weeks.

Here’s the relevant text from the IFTTT email:

A major vulnerability in the technology that powers encryption across much of the internet was discovered this week. Like many other teams, we took immediate action to patch the vulnerability in our infrastructure. IFTTT is no longer vulnerable. Though we have no evidence of malicious behavior, we’ve taken the extra precaution of logging you out of IFTTT on the web and mobile. We encourage you to change your password not only on IFTTT, but everywhere, as many of the services you love were affected.

As we noted in our writeup of Heartbleed, the sensible time to change passwords is after a given site has confirmed it is no longer vulnerable. If you change your password on a still-vulnerable site, there’s no guarantee the update might not also be subsequently accessed by a malicious hacker.


The Cheapest NBN 50 Plans

Here are the cheapest plans available for Australia’s most popular NBN speed tier.

At Lifehacker, we independently select and write about stuff we love and think you'll like too. We have affiliate and advertising partnerships, which means we may collect a share of sales or other compensation from the links on this page. BTW – prices are accurate and items in stock at the time of posting.

Comments