As many of you already know, a major security flaw (now commonly known as "Heartbleed") was found in a popular software library used by 1000s of popular websites, including Chess.com. After learning about the issue, our engineers quickly patched it: At present, Chess.com is no longer vulnerable.
We have no evidence that private customer data was ever accessed using this vulnerability, but as a precaution we are asking all of our customers to reset their passwords. Click here to change your password.
Because this bug affected so many websites, we suggest changing your passwords on other web-based services as well. Better safe than sorry.
- The Chess.com Team