NOD News

Heartbleed bug: no reason for concern

Published: Sunday, 13 April 2014 13:22

These past few days, you may have heard of several warnings for the so-called "Heartbleed bug". This bug allowed hackers to exploit an OpenSSL vulnerability among several servers, and steal login details (such as passwords) of several well-known websites from Google to Yahoo.

The question is: does the server of the New Order of Druids website (druidcircle.org and druidcircle.net) have the same vulnerability, and do you need to change your NOD account password?

The answer is no. 
Priorweb, the host of the NOD website, has announced on their website that their servers did not use the vulnerable versions of OpenSSL. This means that hackers would not have been able to steal login details from any websites hosted by Priorweb, and that includes the websites of the New Order of Druids. 

In short, you do not need to change your password on the NOD website, unless you happen to use the exact same login details on other websites as well, that do or did have that vulnerability. 

Here you will find a list of websites that have, or have not, been affected by the Heartbleed bug:

http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/

More information on Priorweb's announcement (only available in Dutch):

http://www.priorweb.be/over-ons/nieuws/20140410/kritiek-lek-in-openssl