4/11/14 - Tumblr sent an email to users regarding the Heartbleed bug and urged users to change their passwords on the site.
4/11/14 – Tumblr sent an email to users regarding the Heartbleed bug and urged users to change their passwords on the site.

News broke this week that a vulnerability in security encryption software potentially left personal information exposed on many popular websites. One of the affected sites was Tumblr. While it was recommended that users change their passwords on affected sites, doing so could potentially be more harmful if the site had not fixed the vulnerability with a patch.

Today, Tumblr announced in an email that their team “took immediate action to fix the issue” and recommended changing passwords as well as enabling two-factor authentication on the site.

Here’s the message that was sent out to Tumblr users today:

“A major vulnerability has been disclosed for the technology that powers encryption across the majority of the internet. That includes Tumblr. Our team took immediate action to fix the issue, but you should still take some time to change your password, not only on Tumblr but on any other sites you visit.

“You should also strongly consider enabling two-factor authentication. It’ll go a long way to ensure that no one besides you can access your account. Thanks, and take care.”

Once you've logged in to your Tumblr account, you may see this reminder. The Learn More link takes you to an important security update.
Once you’ve logged in to your Tumblr account, you may see this reminder. The Learn More link takes you to an important security update.