The “Heartbleed” security vulnerability is at the top of everyone’s mind this week, and for good reason. We want to assure you that we began a security audit as soon as the vulnerability was disclosed and we’ve run tests to ensure that our servers are not subject to this vulnerability. We’ve also reviewed our integrations with third party systems, confirmed that all impacted systems have been patched accordingly, and rotated our API keys as necessary.
This is also a good time to reassure you that we do not store credit card data, not even temporarily in memory. All credit card data is captured directly by our credit card processor, Braintree.
Nevertheless, we’re taking this as an opportunity to review security across our systems and ensure that all appropriate measures are in place.
Let us know if you have any questions. Thanks for your continued support!