Brightcove has conducted an audit of its servers for exposure to CVE-2014-0160, commonly known as "Heartbleed." Brightcove services were minimally affected and no sensitive data such as usernames, passwords or API keys were exposed at any time. The Brightcove Video Cloud Analytics module was exposed until April 8, 2014, when the Brightcove team successfully patched the exposure. We are not aware of any unauthorized access to any data, and no customer action is required.
Additionally, Brightcove customers participating in the new Player beta program may have been affected. We have reached out to the beta participants and are urging them to change their new Player and Video Cloud passwords as soon as possible.
For any questions, please contact Brightcove Customer Support.