It has been discovered that there was an issue with the encryption software library called OpenSSL which is used in a majority of online software and websites. It has caused some concern in the general media and is being referred to as the heartbleed bug. We felt we should quickly inform you about this issue, and what it means in relation to PayrollHero.
PayrollHero has had very limited exposure, one minor part of our system was affected. This was the software we use to distribute incoming site traffic across our servers. The issue was fixed in less than twenty fours hours of being reported.
There is no evidence to suggest that there has been any intrusion on our software but we’ve taken some additional steps to protect our users. This includes invalidating all existing open sessions prior to the patch, so you’ll need to log back in to PayrollHero. As the nature of this vulnerability is widespread, we recommend changing your passwords across the web, especially for sensitive sites (banking, data storage, etc.)
This sort of quick response time is one of the benefits of using cloud based software. It allows us to fix any problems without having to issue an update or patch. You can be reassured you are constantly receiving the best security for your data well before you are even aware there is a problem.
If you have any questions about this matter please don’t hesitate to contact us through our support email support@payrollhero.com
The PayrollHero Support Team