Heartbleed and Zane Health

Written by: PeopleKeep Team
April 14, 2014 at 5:18 PM

heartbleedOn Monday morning, April 7th, 2014, the bug known as "Heartbleed(CVE-2014-0160) became public knowledge. Zane Benefits has addressed this issue.

What is Heartbleed, exactly?

Heartbleed (CVE-2014-0160) is a bug in OpenSSL version 1.01 and 1.02 Beta regarding SSL/TLS handling. During the heartbeat exchange between browser and server, the OpenSSL software was relying on a packet size variable from the user. This packet size would be grabbed from memory and sent back to the user as part of the heartbeat.

Do I need to do anything?

While Zane Benefits has resolved the issue, we strongly recommend that you reset your password. Click here to login now and change your password.

Additional Resources

Trying to decide which HRA is best for you? Take our quiz to find out.
Get our guide on how to offer health benefits with a small budget.