Back to Zopa Blog

Heartbleed vulnerability response

Posted on 10 Apr 2014 by Mat Gazeley

On Monday a security patch was released to the OpenSSL project to fix a serious security vulnerability. The bug, nicknamed Heartbleed, allows anyone to read information from the memory of a server that is running a vulnerable version of OpenSSL.

As news of the Heartbleed bug spread, Zopa took immediate steps to review our servers and the version of OpenSSL that we were running. As a result of the investigation we found that we were not running the vulnerable version of OpenSSL and so not affected by the Heartbleed vulnerability.

Although we were not affected, other websites that our members use may have been. We highly recommend our members change their Zopa password to be safe especially if the same login credentials are used to access a number of sites.

Thanks, Zopa

Category: Service updates
Tags: technology

We're here to help

Monday to Thursday (9am to 5:30pm), and Friday (9am to 5pm).


Telephone: 020 7580 6060 for loans

Telephone: 020 7291 8331 for investments

We can't take applications over the phone. UK residents only. Calls may be monitored or recorded.