I agree, I just launched my website a week ago, I need some kind of statement from paypal about this problem, for my own confidence going in and to stop the customer panic that is happening. PAYPAL what are you doing to protect us and our customers?
Most sites that have implemented the security patch for heartbleed have posted this info on their home pages so customers know they are secure. Since PayPal hasn't posted any updated info, you should assume that they have yet installed the patch. Once they do, change your passwords
It is critical that Paypal release a statement on security in light of the heartbleed bug. We are a charity and we use paypal to process donations & monthly giving and our donors are calling us asking about security. We just lost a donor because of this because we could not comment on the status of paypal.
It is very curious how ambiguos the statement by James Barrese is. At no point does he state clearly "We do not use OpenSSL", it sounds like an attempt to pacify the nervous users without a clear statement.
agree it's very flakey - no real commitment and no mention of customers who are not PayPal customers but on sites such as ours that use PayPal as the payment gateway. I'm being asked and all I can say is that PayPal passes the heartblled test but I'm uneasy
