This critical vulnerability has affected a large portion of service providers over the Internet, who are using OpenSSL.
After our investigation there is no evidence that any Blinksale user credentials or user data were compromised.
The Blinksale application is not using a version of OpenSSL having the Heartbleed vulnerability.
The Blinksale public website is hosted on AWS ElasticBeanstalk, which may have been using a version of OpenSSL that was vulnerable. Amazon has reported that all AWS services have been updated.
All the accounting and invoicing applications with which Blinksale integrates already were or have been secured.
As a precaution, we are rotating all of our SSL certificates and keys.