You may have heard of a recently discovered security issue – called Heartbleed – that has impacted many sites on the internet this week, including the Client Site functionality in your WeddingWire account. Heartbleed affected OpenSSL, a type of technology websites use to keep information secure as it travels through the web. Here’s what WeddingWire Pros need to know about Heartbleed and how it affected your account.
What is the Client Site?
The Client Site provides easy access to contracts, questionnaires and invoices, all in one password-protected, secure location, accessible via desktop & mobile devices.
Who was affected?
- Premium Pros who used the Client Site before the vulnerability was fixed.
- Client(s) of those Premium Pros who used the Client Site before this vulnerability was fixed.
While this vulnerability affected the Client Site (as well as many of the sites on the Web), we have no indication that anyone exploited this vulnerability and we patched it as soon as we learned about it.
What did WeddingWire do to address the vulnerability?
We took immediate action to fix the vulnerability in our infrastructure. And although we have not found any evidence of malicious behavior we’re encouraging you to take the following actions to ensure your client data is safe.
What action should I take?
Since each of your clients gets their own password protected ‘Client Site,’ we advise you to update the password for each of your clients by taking the following steps:
- Log in to WeddingWire
- Go to the Clients section
- Click into the client’s name
- Then click the ‘Change’ link, located next to the client site password
*Make sure to include a password hint for your client to easily access their client site*
WeddingWire takes information protection very seriously and will continue to work to ensure that appropriate measures are taken to protect your personal information. Please contact our Support Team at firstname.lastname@example.org should you have any additional questions.