ShareASale does not use the vulnerable versions of OpenSSL in any of our websites, nor in our FTP servers, so the Heartbleed bug does not present a risk to any ShareASale usernames, passwords or other data. If you use the same password on other sites, you may want to change that password in case it was compromised at one of the other locations. We also encourage you to use our Two Factor Authentication which can help to mitigate the damage in the case of a compromised password.
A third party provider which handles some email for the shareasale.com domain was vulnerable to this bug. That provider has patched their systems and issued new certificates. Neither ShareASale nor the provider has any reason to believe that information was inappropriately accessed due to this vulnerability. If any data was compromised, it would be limited to the contents of the email sent to the shareasale.com domain.
Please feel free to contact ShareASale if you have any additional questions.
Leave A Comment