To our members and customers:
As you are likely aware, a vulnerability has been discovered with OpenSSL. This is called CVE-2014-0160, or the "Heartbleed Bug." You can find more information regarding the specifics of this vulnerability by going to the National Vulnerability Database (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160) or to the Heartbleed website (http://heartbleed.com).
INFORMS immediately investigated and inspected our servers. Fortunately, we have not discovered any issues with the implementation of OpenSSL in our environment that would allow this bug to exploit or compromise any data under our control. As a precaution, we have applied emergency patches on our servers and all SSL certificates have been reissued and reset.
INFORMS takes the protection of your privacy and our systems very seriously. We encourage you to change your passwords. If you have any questions, contact us at [email protected].