As you may have read over the last week, OpenSSL announced a major weakness to its cryptographic software library: the Heartbleed Bug.
At OnDeck, security is a top priority. We took action before the published exposure by turning off the OpenSSL heartbeat function – which is the Heartbleed vulnerability – and applied the safe version of OpenSSL immediately after it was available.
We see no signs of exposure and are continuing to monitor closely. That said, we recommend that customers update their passwords as a normal precaution. Click here to reset your password.
For more information about the Heartbleed Bug and which websites may have been affected, click here.