RIPE NCC Security Update on "Heartbleed" SSL Encryption Bug
The RIPE NCC is highly committed to protecting our IT infrastructure and safeguarding our members' data. Last week, a bug exploiting a serious security vulnerability in SSL encryption technology was discovered to have affected millions of websites.
More info on Heartbleed: http://www.us-cert.gov/ncas/current-activity/2014/04/08/OpenSSL-Heartbleed-Vulnerability
The RIPE NCC uses SSL encryption and investigated and patched its production servers as soon as the vulnerability was exposed. We are currently replacing our production SSL certificates. We have found no evidence that Heartbleed compromised a RIPE NCC system or RIPE NCC Access account. However, as a precaution, we recommend:
- RIPE NCC Access account holders change their password https://access.ripe.net
- Users create new API keys and disable existing ones
Please contact ncc@ripe.net if you have any questions.