You have certainly heard of the the Heartbleed bug. It is a very important security issue with the OpenSSL protocol, which is basically used for SSL certificates (accessing web pages using https://).
This bug affected a very large amount of servers on the Internet and the attacker might have been able to read the memory of the server, thus gaining access to the private keys, which would in turn render the encryption useless.
At XWiki SAS, we immediately upgraded the OpenSSL version to a patched one that doesn't show this problem anymore. We will continue to monitor the situation closely to ensure everything is OK.
Even though there is no reason to believe that any of your account data or personal information has been compromised in any way, it is still a good idea to change the passwords you use to log in to XWiki, as a precaution, as changing your passwords regularly helps ensure privacy and protect your personal information.
