We have been closely following the advisories regarding the GHOST vulnerability which was disclosed on January 27th. This vulnerability affects the Linux operating system upon which the Tradeshift platform runs and has prompted us to take the following measures:

1) All servers are being patched on Friday, January 30th at 5 PM PST.  We expect this to take about an hour. As it requires platform-wide reboots, expect the Tradeshift to be intermittently available until patching is completed.

2) All new servers brought online going forward will be patched as part of the provisioning process.

We can confirm that Tradeshift platform has not been compromised at this point in time. This is a proactive measure being taken to harden the platform before the proof-of-concept code is released.

As always, we are acutely aware that we process and archive data for which the privacy is a top concern our users and as such, we continuously evaluate and improve the security of the platform accordingly.

If you have any questions or concerns specific to your Tradeshift account please feel free to reach out to us via a support ticket or email sent to: support@tradeshift.com.