Infusionsoft Blog


Subscribe to Blog

Also, tell me more about Infusionsoft

What You Need to Know About Heartbleed

by Erin Hinson

Post image for What You Need to Know About Heartbleed

We wanted to respond to the recently discovered Internet bug, Heartbleed, which affects the OpenSSL framework used by many websites to privately send and receive data.

Heartbleed and Infusionsoft

Infusionsoft was not directly affected by Heartbleed. No Infusionsoft servers were affected by the bug, but a third party API proxy service that we are using in a very limited beta with developers was affected. The API proxy service, hosted by Mashery, patched the bug and as a precaution we re-keyed our SSL certificates with Mashery.

To proactively protect your personal and business data from Heartbleed, we highly recommend the following actions:

  • Reset all online passwords, especially if you use any of the websites listed here.
  • Use unique passwords for every website; you can use Random to create strong passwords.
  • Consider using a digital password vault like Lastpass to safely store and auto fill your passwords. As an added benefit, Lastpass has added a scan for Heartbleed.

If you have created or have hired a developer to create an integration with Infusionsoft, there is a potential that your server may be vulnerable to Heartbleed. Contact your developer to make sure they’ve patched your server and have updated your Infusionsoft API key. Need help updating your Infusionsoft API key?

Sometimes the Internet can be a scary place, but we have put the appropriate measures in place to keep your data safe. If you have any questions or want to learn more, please read this overview. For more technical details, visit

UPDATE: The original post stated that Heartbleed had no impact on Infusionsoft, while that remains true, this post has been updated to reflect the impact of the third party API proxy service that was affected by Heartbleed. 

Previous post:

Next post: