On April 7, 2014 information was released about a new vulnerability (CVE-2014-0160) in OpenSSL. This vulnerability, known as Heartbleed, affects a large number of servers and would allow an attacker to steal the keys that protect communication, passwords, and user data of a vulnerable server.

In response, we have patched our servers with a protected version of OpenSSL, installed new SSL certificates, and revoked the old ones. All login sessions have also been expired. So the next time you visit Stratopan.com, you’ll have to enter your credentials again. I apologize for this inconvenience.

We have no reason to believe Stratopan was compromised by the Heartbleed vulnerability. However, you can take extra precaution by changing your password and generating a new access token. You can accomplish that by clicking the “Edit Your Profile” button on your home page, or by navigating to https://stratopan.com/<your_login>/settings/account after logging in.