As you may be aware, a website vulnerability, named the Heartbleed Bug, was announced Internet-wide on Monday, April 7th, 2014. This bug left websites unprotected against certain OpenSSL security threats. When the vulnerability was announced, we immediately brought down all Oculus sites and services to make the necessary changes to protect our data. You can read more about this OpenSSL vulnerability at http://heartbleed.com/.
Weâ€™ve taken the following actions:
What do you need to do?
- Weâ€™ve patched all Oculus servers on Tuesday, April 8th, after the announcement of the vulnerability
- Weâ€™ve regenerated and reissued all SSL certificates for Oculus domains
- Weâ€™ve reset internal Oculus credentials and passwords
- Weâ€™ve reset all active sessions and everyone will need to log-in again
We sincerely apologize for the inconvenience. Security is extremely important to us, and we continue to take every possible precaution to prevent unauthorized access to your information.
If you have any questions, donâ€™t hesitate to email us at email@example.com.
The Oculus Team