[tmaher]

Hi, our response can be found at...

http://blog.heroku.com/archives/2013/1/9/password_hijacking_...

Thanks again to Stephen for giving us ample time to fix this.

-Tom Maher, Heroku Security Team