If you’ve dealt with software for any length of time, you’ve experienced some great things. You’ve seen video games become incredibly realistic on a handheld screen in less than a decade. You’ve seen companies like Uber grow like wildfire with app updates that appear to occur weekly. These are some amazing feats, but with the good, must come the bad as well.
Every software company in the world will face a certainty… if they haven’t already been faced with a security issue, they will. It’s only a matter of time. Such is the nature of being a software company. The entire internet was faced with the infamous firesheep exploit in 2010 where all of our favorite websites were affected. In the same year, nearly every Microsoft-based website faced a serious threat as well with the nasty oracle padding exploit. Even Uber has seen its (unfair) share of getting hacked. Security is simply something that affects us all, no matter which company we want to reference.
No company can successfully prevent 100% of the attempts of those who wish to do bad things online. What matters is how a company responds. As a company, we’re not proud to announce that we’re in such a time ourselves, but we are excited about our ability to respond for you, our clients.
How you respond will be unique to every company. However, in general, you’ll determine the validity of the report, then research the report more deeply to determine the scope of the issue. Finally, you would create a fix, test that fix, and then issue an announcement about the issue.
We were in the process of releasing version 02.00.02 when a security issue was raised to our attention by a few customers. This was first thing yesterday morning. We haven’t run this “fire drill” yet ourselves, but we’ve planned for it since day one. Our team immediately shifted gears to respond appropriately to the reports.
With that being said, we have a couple of new releases ready for you. This issue affected our version 1.xx customers, and also affected our version 2.0 customers but to a lesser degree. The safety of your website, your data, and your customer’s information is incredibly important to us, so you’ll find a security bulletin below as well.
We believe that we have reacted to this issue within a short enough time frame to mitigate any actual exploits from occurring. However, you’ll find instructions in the security bulletin above on how to ensure this is the case.
Your security and the security of your customers are our highest priority and concern. We hope that this unfortunate event helps to illustrate this for you and your team.
Please feel free to contact our team directly via support if you have specific questions about the security bulletin. Any other questions or concerns can be freely discussed in the comments below.