Security update: Heartbleed vulnerability
Incident Report for Remember The Milk
As you'll likely have heard, this week a new security vulnerability was announced in OpenSSL, a technology used to secure most of the traffic on the Internet. This vulnerability is known as Heartbleed.

Like many web services, Remember The Milk uses OpenSSL to maintain the privacy of data sent between your computer and our servers.

As soon as the vulnerability was announced, we immediately worked to secure our systems and replace the affected SSL certificate. We don't have any indication that this vulnerability has been used to attack Remember The Milk, but take a very cautious approach to security.

As a proactive measure, we logged out all browser sessions that were active prior to the vulnerability being addressed; you may have been logged out and asked to log back in again.

To be extra cautious, we recommend changing your Remember The Milk password (see help). With so much of the Internet affected by this vulnerability, many experts are recommending that you take the time to change all of your online passwords.
Posted Apr 09, 2014 - 01:11 PDT