By now you’ve probably heard about the Heartbleed security flaw in OpenSSL’s heartbeat extension that has affected many prominent sites.
Thankfully, private Vimeo account details were not compromised by Heartbleed.
We do use OpenSSL in some areas of the site, but these areas do not touch private information and have already been updated since the flaw was detected.
It is completely safe for you to change your password on Vimeo and we strongly recommend doing so if you use the same password on Vimeo and sites that were impacted by the Heartbleed flaw, such as Yahoo, Tumblr, Google, Facebook, or Amazon.
If you’d like to know more, here’s an explanation of what Heartbleed is and how it works: