Jump to content
Sign in to follow this  

bidorbuy and the Heartbleed bug

Recommended Posts


On April 7th, 2014, a serious defect was found in OpenSSL, a core cryptographic library that is used to protect communications on the Internet. This flaw affects a substantial number of applications and websites running on the Internet, including bidorbuy.


The defect can allow attackers to read the memory of systems using the vulnerable versions of the library which results that data in memory may be disclosed, which conceivably could include usernames and passwords of users or other data stored in server memory.


Our engineering team proactively responded to this threat on April 8th, 2014, and has patched all production servers to mitigate the vulnerability. We have also revoked, re-keyed and re-issued SSL certificates as a matter of best practice.


We have no evidence that bidorbuy user credentials were compromised, but recommend that our customers change their passwords as a precautionary measure. If you share the same credentials on other websites, it is advisable to change your credentials on those systems as well.


As you know, security is a critical component of our marketplace and our security team will continue to monitor this issue and provide more information if necessary.


If you have any concerns related to the security of your bidorbuy account, please contact us at hello [at] bidorbuy.co.za.

Edited by MacMuffin

Share this post

Link to post
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in

Sign In Now
Sign in to follow this