On April 17, 2014, Nick Sullivan discussed the Heartbleed vulnerability and its impact on CloudFlare. The company issued a challenge to find out if their private keys were at risk due to this bug. After revoking and reissuing all SSL certificates they manage, they concluded that within two hours a dedicated attacker could retrieve a private key from a vulnerable server. They recommend administrators running servers using vulnerable versions of OpenSSL to patch the software and reissue and revoke all their private keys.