Earlier today it was found that the latest versions of the OpenSSL library had a critical security issue which could allow an attacker to access SSL traffic. SSL traffic typically contains sensitive data like usernames, passwords or SSH keys (public and private).

We are currently working on patching OpenSSL on all of our servers.

Update 5pm UTC: 70% of our systems have been patched. We’re working on patching the rest.

Update 8pm UTC: all of our systems have now been patched.

We have published an official statement with more details and recommendations on our main blog: http://blog.webfaction.com/2014/04/security-issue-in-the-openssl-library-heartbleed-bug/