On April 7, 2014, an OpenSLL vulnerability was announced.
Its official designation is CVE-2014-160, but it has been widely advertized in the media as “Heartbleed”.
OpenSSL enables secure communications over the internet and is widely used to access websites.
After the announcement of the vulnerability, Agfa Healthcare has performed an OpenSSL inventory on its products, services and IT infrastructure and performed corrective actions (patches, certificate renewal, password reset) where needed and informed the affected customers.
At this time Agfa HealthCare products, services and hosted websites are not vulnerable to the Heartbleed bug and no evidence of exploit was discovered.
It is a good practice to change your passwords at this time, especially if you share the same password for professional and private use because several popular websites are affected by the Heartbleed bug.
For more information about Heartbleed, please visit the following resources:
- Heartbleed vulnerability summary CVE-2014-0160 (NIST): http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160
- Heartbleed Q&A: http://heartbleed.com/
- Affected websites (non-Agfa): http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/