Heartbleed Security Bug and Your Forwarded Email / Google Account

Emerge2 has sent out two versions of this courtesy security notification to mailboxes originally setup by Emerge2. Mailboxes that are auto-forwarded to another address received this notification (below). Mailboxes that are not auto-forwarded (i.e. are directly read by the user) received a different notification (you can read it here).

Copy of Client Notification (Forwarded Version)

For Forwarded Email: {EMAIL_ADDRESS}

Emerge2 setup and/or maintains the Google Accounts for your organization’s domain name, including account {EMAIL_ADDRESS}. Emerge2 is sending this courtesy security notification to its clients who use Google Apps.

Heartbleed Security BugBy now, many people have heard about the Heartbleed security bug that was recently discovered. More info: heartbleed.com

Since this security vulnerability has the potential to affect a large portion of the Internet, the general advice is for people to change their passwords after each vulnerable system has patched their service.

One of the affected services was Google Apps (which manages email forwarding for your your {EMAIL_ADDRESS} address). Google has announced that their Google Apps services have been patched, therefore password changes are now strongly recommended for Google Accounts.

Your Account is Auto-Forwarded

Since your email address {EMAIL_ADDRESS} is automatically forwarded to a different email address, you don’t access this account directly to retrieve your email. The password on email address {EMAIL_ADDRESS} is not used to retrieve your email but it is still a potential risk.

Therefore, as a courtesy and in light of the potential Heartbleed risk, we have changed this unused password on your behalf.

Don’t worry, your emails are still being automatically forwarded from {EMAIL_ADDRESS} to the same destination mailbox where you retrieve your email. The forwarding has not changed.

No action is required by you as a result of this behind-the-scene password change. This message is merely informational.

Email Administrators

If you maintain Google Accounts at your organization, then please ensure that all of your Google Apps users change their passwords. Emerge2 is only sending a courtesy security notification to the mailboxes that Emerge2 has setup. If someone at your organization, or a third-party on your behalf, has setup additional mailboxes, those users should also be informed about this.

Emerge2 Servers

As a side note, as soon as the Heartbleed bug was announced, Emerge2 immediately checked all of our servers, internally and using third-party Heartbleed detection tools, and determined that none of Emerge2’s servers were vulnerable to this bug. (more)

If you have any questions about Heartbleed and how to change the password on your Emerge2 setup/maintained Google Accounts, please either open a help desk ticket with your questions at help.emerge2.com or call us at 519-886-0100.


Emerge2 Support