Security Update regarding “Heartbleed” and SignChannel

As you may know, earlier this month a significant Internet security flaw, CVE-2014-0160, nicknamed “Heartbleed” was discovered in a widely used software component known as OpenSSL.  We’d like to share with you the status of SignChannel, and what steps you should consider taking.

We have reviewed our infrastructure and we have determined that the web site was using the vulnerable version of OpenSSL. On April 13th, we updated the web site to mitigate the vulnerability, and a fresh SSL certificate is now in place.

The nature of the Heartbleed problem means we have no way of knowing if that formerly-vulnerable server was probed by malicious actors.  We have no information that any data was compromised. Nonetheless, we recommend that our customers change the passwords they use for the service.

If you have any questions, please contact us at

For information on how Heartbleed affects Scala’s other products, please see the Important Security Update from Scala regarding “Heartbleed” web page.


The SignChannel team

Leave a Reply

Your email address will not be published. Required fields are marked *