Earlier this week, researchers disclosed a critical vulnerability in recent versions of the OpenSSL library, known as the Heartbleed bug.
You'll be glad to know that our servers were patched two days ago (4/9/14) and new security certificates were put in place yesterday (4/10/14).
Heartbleed cannot affect our servers now.
While we have received no indication that CharityTracker or Oasis Insight were compromised in any way, we recommend changing the passwords your team uses to log in as a precautionary measure.
Our security team will continue to monitor this issue and provide more information as necessary.
If you have concerns related to the security of your CharityTracker or Oasis Insight account, please send us an email.