Have no fear, TIR submitters! Our online submission application was not affected by the Heartbleed bug. Your credit card information is safe.
Submittable, the company that runs our submission system, has issued the following statement:
The Heartbleed bug is a very serious exploit and it affects a very large number of sites—big and small. Fortunately, Submittable's systems do not use OpenSSL, so we were unaffected by the Heartbleed bug. SSL connections to Submittable services were never at risk of being compromised.
Please note that just because Submittable was unaffected does not mean that your password is not at risk. If you used the same password on any other sites that were affected by the bug, then you probably want to take the extra precaution of changing that password on every site it was used.
We are using this as a "teachable moment" to remind our staff and customers:
—use a different password on every site
—change your passwords regularly on any sites where you store sensitive information
—use "good" passwords with a mix of letters and numbers