Important security news from Doodle

April 10, 2014

Earlier this week a vulnerability in the OpenSSL library was disclosed. Doodle uses this library to encrypt data transmissions like many other Internet services. Therefore Doodle might be affected by this issue. Learn more about the vulnerability on heartbleed.com.

First and foremost we want to express that all Doodle systems have been updated after the disclosure and the issue is therefore resolved on doodle.com.

There are no signs that the vulnerability was exploited to tap into Doodle’s data transmissions. However, due to the nature of the vulnerability this cannot be completely ruled out, though.

We want to emphasize that NO credit card data could have leaked via Doodle as this data is sent directly to our billing provider from your browser.

As a precaution we recommend that you reset your passwords and reconnect your calendars:

Do not hesitate to contact our support team in case you have any questions.

13 Responses to “Important security news from Doodle”

  1. marc zaharchuk Says:

    Thanks for the security briefing on the resent news events

  2. Marianne Says:

    How do I change the email address that my account is under? I want to get rid of aol ans switch to my gmail account?

  3. tntpop Says:

    I use my Google (or Facebook) account to connect. Am I impacted by heartbleed on doodle.com other than the issue with the other provider (Google or Facebook) ?

    • inturico Says:

      In this case you don’t have to change you password on Doodle. You should consider changing your Google or Facebook password, though.

      Your Doodle team

  4. Yi Says:

    Est-ce que vous répondez également en français?
    Merci

  5. Helen Says:

    I do not have any credit card account associated to my Doodle account. Do I need to change my Doodle passwords too?


  6. I did not need a password until now! should I?? Is it only for certain functions?
    I only use Doodle to plan meetings….

    • inturico Says:

      Dear Lucienne,
      no need to use a password for Doodle while planning meetings, a password is needed for the Premium Doodle functionality.

      Your Doodle Team

  7. alanplum Says:

    Did you verify that your payment processor was not vulnerable to the exploit (i.e. had the heartbeat feature disabled or used an older version that did not support it)? Otherwise it seems a bit dangerous to claim that your customers’ credit card data is safe, whether your vulnerability could ever have affected it or not.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 13,639 other followers