Curious.com is secure.
Like more than half of the internet, we had to move quickly to get ahead of the heartbleed vulnerability last week. We found out about it on Monday along with the rest of the engineering community, and immediately took steps to patch our servers, followed shortly after by updating our encryption keys.
How does this affect you on Curious?
We think it's highly unlikely that we were a target or that any of your data was stolen. We require very little sensitive data (first name, last name, email, and password) and we use a 3rd party for credit transactions, so our servers never see a credit card number. As a precautionary measure, you may want to change your Curious password here if you are concerned.
What steps should you take elsewhere?
For any sites that have sensitive data, we recommend changing your password, and avoid re-using passwords or password patterns. We know this is a pain, so this might be a good time to get a password manager (LastPass and 1Password are both good - see this article for comparisons). For more advice on password security, see this.
On behalf of the Internet, we'd like to apologize for the inconvenience. We also use the web, so we feel your pain.
Now get back to learning; it’s more fun than password security.