What is the Heartbleed Bug
The Heartbleed Bug is an OpenSSL security flaw that was announced in April 2014. It has since gained a lot of media publicity. The Heartbleed Bug is registered in the Common Vulnerabilities and Exposures system as CVE-2014-0160.
Was TaxLab affected
No. We predominantly use Microsoft technologies including Microsoft Azure, which does not use OpenSSL. As such, TaxLab has been unaffected by the Heartbleed bug. We can assure you that your TaxLab data was not at risk from the Heartbleed Bug. This includes our Tax Provision Software, Income Tax Return Software and FBT Software.
Actions we have taken
Any time there is a potential threat to the TaxLab system, we conduct a security review. This includes understanding the threat in detail and its potential impact on the TaxLab system and our users. We have evaluated Microsoft’s response and release of information regarding Microsoft Azure and Heartbleed. We can rely on their systems as unaffected.
What you should do
While TaxLab was not vulnerable, other services that you use from other companies may have been impacted. If you use the same password for TaxLab as other websites or services, we recommend you change your TaxLab password immediately. Beyond that, no further action is necessary in respect of TaxLab’s tax software system.
In general, we remind you that its good practice to regularly change any passwords that you use online. You should also use a different password for each site that you use. In particular, you should regularly change your online email password. You should also enable multi-factor authentication if it is available.
If you would like to know more about TaxLab’s response to the Heartbleed Bug please contact us any time. We don’t publish all of our security precautions (as this would inherently be a poor security practice). However, we would be happy to discuss some of our security precautions with you and how we mitigate risks.