We are patched against OpenSSL vulnerability CVE-2014-0160. Please be aware that other sites on the Internet may not have been patched yet. If you do not see a statement from a site about this, please ask for one before submitting any login or other sensitive data to them.