Monthly Archives: April 2014

MaxMind website and services unaffected by Heartbleed Bug (CVE-2014-0160)

MaxMind’s website and services were unaffected by the recently announced Heartbleed bug in the OpenSSL cryptographic software library.

The discovery of the Heartbleed bug means your encrypted connections with websites that used particular versions of the OpenSSL library (versions 1.0.1-1.0.1f and 1.0.2-beta1) may have been compromised, exposing your logins, passwords, and other data. MaxMind does not use a vulnerable version of the OpenSSL library on internet-facing servers. So you need not worry that your credentials or data were compromised.

This article on ReadWrite describes the bug in more detail as well as what to do to determine if your servers are vulnerable and how to protect yourself personally.

We strongly recommend you change your passwords on any sites affected by the bug. You should assume a site was affected unless you hear otherwise. Mashable and CNET provides a partial list of sites affected by the bug.

Please contact support@maxmind.com with any questions.