April 10, 2014

Security Notice on CVE-2014-0160 (Heartbleed)

Heartbleed is a serious defect in OpenSSL, a core cryptographic library that is used to protect communications on the Internet. This flaw affects a substantial number of applications and services running on the Internet, including TradingView.

TradingView proactively responded to this threat and has patched all production servers to mitigate the vulnerability.  We have also revoked, re-keyed and re-issued certificates as a matter of best practice.

We have no evidence that TradingView user credentials were compromised, but recommend that our customers change their passwords as a precautionary measure.

Security is a critical component of the trading service we provide for our users. Our security team will continue to monitor this issue and provide more information as necessary.