What is it?
The Heartbleed vulnerability is a critical vulnerability affecting specific versions of OpenSSL, an extensively deployed open source library used in the products of many vendors.
Has CIHI been compromised?
No. Overall, the impact of this vulnerability for CIHI so far has been “low,” since none of the publicly available websites that we host internally were affected.
What is CIHI doing about it?
Fortunately, we detected this issue early and immediately assessed our website and external systems and proactively applied any necessary remediation. We are continuing to audit our external systems and working with our vendors to ensure we proactively address any issues that may arise.
For additional information on Heartbleed: http://heartbleed.com/
Questions: Please contact CIHI at firstname.lastname@example.org.