On Monday, April 7th the Heartbleed bug was announced by OpenSSL. Heartbleed is a vulnerability in the OpenSSL cryptographic library, you can get details at http://heartbleed.com/
Was Passpack vulnerable?
Passpack utilizes OpenSSL and we were vulnerable to this bug. Our systems were updated this morning April 8th, new SSL Keys were generated and new SSL Certificates requested and deployed. So Passpack is no longer vulnerable, we have also had a feature called “perfect forward secrecy” enabled on our SSL connection for some time which eliminates the ability to decrypt traffic retroactively.
What should I do?
Since roughly 2/3 of the internet was also affected by this vulnerability we also recommend that you consider changing your passwords at other sites as they were likely vulnerable to the same attack.