Recently news has been busy with details of a serious vulnerability that is being exploited by hackers - see here for details
This is known as Apache Log4j2 vulnerability (CVE-2021-44228)
We have performed a full can of all of our systems and services - both backend and front-end - and have not found any applications or services that make use of the log4j logging API. This is in line with our standard security monitoring, ISO 27001 and vulnerability detection processes.
We are continuing to monitor the situation and will take any necessary steps to ensure our systems are as secure as possible.