Heartbleed is the common name for a vulnerability discovered in April 2014. It is a vulnerability in a widely used open source library called OpenSSL. This library is used by many applications, websites and hardware throughout the world. It enables an exploit that can potentially be used to view sensitive information in a web server. You can find out more about Heartbleed by googling for 'heartbleed' or checking out this site - www.heartbleed.com.

We take the security of your data very seriously, and to that end we have performed a thorough investigation of this vulnerability and its possible impact on Objective Connect. We can confirm that Objective Connect infrastructure was updated last week (April 7, 2014) and your data is now fully protected against this threat.

An exploit of the Heartbleed vulnerability might have allowed an unauthorised person to view the contents of data transiting between you, but under no circumstances would it have enabled an unauthorised person to access the underlying database or any of the documents stored within Objective Connect.

Because of the nature of the vulnerability we strongly recommend you change your Objective Connect password.

For more details, please view this Objective FAQ.

Please feel free to contact me if you want to discuss any of this.

Damian Fawkner
Chief Information Security Officer