As you may be aware, a major vulnerability has recently been discovered for OpenSSL, the popular encryption software that powers 2/3 of the web. Some LogMeIn services and products rely on OpenSSL.
We take the security of our customer data very seriously and at this time have no evidence of any compromise, but like many web companies, our security team took immediate action to proactively address the issue.
We’ve already updated many products and parts of our services that rely on OpenSSL, and are in the process of updating all remaining aspects of our services that leverage OpenSSL.
In addition, our security team continues to perform a rigorous diagnostic investigation to ensure the protection of our users and will provide product-specific updates if and when necessary.
We’ve completed key updates to impacted products and services, including replacing certificates on the affected servers. Below is a list of products impacted, steps taken and recommended customer actions.
NOT impacted by the OpenSSL vulnerability: LogMeIn Rescue, join.me, Hamachi and AppGuru
Impacted and updated:
BoldChat — Updated. We recommend BoldChat users change their BoldChat password.
Cubby — Updated. We’re recommending that Cubby users change their login password.