Recently an exploit was discovered which targets a vulnerability in OpenSSL, a software library used on nearly every Internet web server to encrypt data. This exploit is known as ‘Heartbleed’ and affected OpenSSL version 1.0.1. The purpose of this message is to provide an official statement regarding this exploit and Kryptronic Managed Hosting and Kryptronic Software.

Kryptronic Managed Hosting

Lightcrest Data Center (Los Angeles, CA): 1 server vulnerable (patched on zero day); All other servers were not vulnerable. No exploit attempts were detected.

Rackspace Data Center (Fort Worth, TX): All servers were not vulnerable to the Heartbleed OpenSSL exploit. No exploit attempts were detected.

Rackspace Data Center (London, UK): All servers were not vulnerable to the Heartbleed OpenSSL exploit. No exploit attempts were detected.

Kryptronic Software

Kryptronic software packages, including all versions of ClickCartPro and EuropaCart are unaffected by the Heartbleed OpenSSL exploit. The exploit compromises the server at a much lower level.

Users with Kryptronic Software who are hosted on servers which were compromised by a Heartbleed attack should contact Kryptronic immediately. Our Custom Shop can provide you with a quote to review and clean your software, if you think it may have been affected. Kryptronic Software does not store any financial information for customers, thus limiting your liability in the event of a problem.

We’re Committed to Security

Stability and security have been the cornerstones of our software’s architecture since introduction in 1999. We pride ourselves on offering the most secure ecommerce software applications, and hosting environments, available. If you were not hosting with us and have had a problem due to this Heartbleed OpenSSL exploit, or any other type of problem, we can help. Just give us a call.

Call 1-800-704-4160 (US Toll Free) or 717-793-2607 (International) if you have questions and we’ll do our best to help.